Cross site scripting

Cross-site scripting XSS vulnerability in the PageBuilder2 aka Page Builder theme in IBM WebSphere Portal 7.x before 7.0.0.1 CF006, as used in IBM Web Content Manager WCM and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-2510

Cross-site scripting XSS vulnerability in the RSS embedding feature in DokuWiki before 2011-05-25a Rincewind allows remote attackers to inject arbitrary web script or HTML via a link...

Juniper Networks Junos OS CVE-2009-3485

Cross-site scripting XSS vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the default URI. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a...

Cross site scripting

Cross-site scripting XSS vulnerability in the Category Tokens module 6.x before 6.x-1.1 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML by editing or creating vocabulary names, which are not properly handled in token help...

CVE-2010-4811

Multiple cross-site scripting XSS vulnerabilities in ajaxmember.php in 6kbbs 8.0 build 20100901 allow remote attackers to inject arbitrary web script or HTML via the 1 usermsn, 2 useremail, and 3 userphone parameters in a modifyDetails action...

CVE-2010-4813

Cross-site scripting XSS vulnerability in the Category Tokens module 6.x before 6.x-1.1 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML by editing or creating vocabulary names, which are not properly handled in token help...

CVE-2011-2607

Cross-site scripting XSS vulnerability in IBM Rational Team Concert RTC 3.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Work Item 165513...

Cross site scripting

Cross-site scripting XSS vulnerability in the Web UI in IBM Rational Team Concert RTC 3.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Work Item 165511...

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Rational Team Concert RTC 3.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Work Item 165513...

Cross site scripting

Cross-site scripting XSS vulnerability in Mozilla Firefox 4.x through 4.0.1 allows remote attackers to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity...

CVE-2011-2606

Cross-site scripting XSS vulnerability in the Web UI in IBM Rational Team Concert RTC 3.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Work Item 165511...

CVE-2011-2369

Cross-site scripting XSS vulnerability in Mozilla Firefox 4.x through 4.0.1 allows remote attackers to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity...

CVE-2011-1330

Cross-site scripting XSS vulnerability in WeblyGo 5.0 Pro/LE, 5.02 Pro/LE, 5.03 Pro/LE, 5.04 Pro/LE, and 5.10 Pro/LE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in WeblyGo 5.0 Pro/LE, 5.02 Pro/LE, 5.03 Pro/LE, 5.04 Pro/LE, and 5.10 Pro/LE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-1264

Cross-site scripting XSS vulnerability in Active Directory Certificate Services Web Enrollment in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "Active Directory...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in config.c in config.cgi in 1 Nagios 3.2.3 and 2 Icinga before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the expand parameter, as demonstrated by an a command action or a b hosts action...

Cross site scripting

Cross-site scripting XSS vulnerability in Coppermine Photo Gallery CPG before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-4667...

Mandriva Linux Security Advisory : webmin (MDVSA-2011:109)

A vulnerability was discovered and corrected in webmin : Cross-site scripting XSS vulnerability in Webmin 1.540 and earlier allows local users to inject arbitrary web script or HTML via a chfn command that changes the real aka Full Name field, related to useradmin/index.cgi and...

CVE-2011-1953

Multiple cross-site scripting XSS vulnerabilities in common.php in Post Revolution before 0.8.0c-2 allow remote attackers to inject arbitrary web script or HTML via an attribute of a 1 P, a 2 STRONG, a 3 A, a 4 EM, a 5 I, a 6 IMG, a 7 LI, an 8 OL, a 9 VIDEO, or a 10 BLOCKQUOTE element...

Cross site scripting

Cross-site scripting XSS vulnerability in the safehtml filter in Products.PortalTransforms in Plone 2.1 through 4.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-2422...