CVE-2021-45071

Cross-site scripting XSS issue Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim, via crafted uploaded file names...

CVE-2023-26843

A stored Cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the NoteEditor.php...

CVE-2023-25346

A reflected cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found...

Cross site scripting

A reflected cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found...

CVE-2023-26843

A stored Cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the NoteEditor.php...

Cross-site Scripting in Backdrop CMS

A stored Cross-site scripting XSS issue in Text Editors and Formats in Backdrop CMS before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via the name parameter. When a user is editing any content type e.g., page, post, or card as an admin, the stored XSS payload is execute...

CVE-2023-31045

A stored Cross-site scripting XSS issue in Text Editors and Formats in Backdrop CMS before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via the name parameter. When a user is editing any content type e.g., page, post, or card as an admin, the stored XSS payload is execute...

Cross site scripting

DISPUTED A stored Cross-site scripting XSS issue in Text Editors and Formats in Backdrop CMS before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via the name parameter. When a user is editing any content type e.g., page, post, or card as an admin, the stored XSS payload i...

CVE-2023-31045

A stored Cross-site scripting XSS issue in Text Editors and Formats in Backdrop CMS before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via the name parameter. When a user is editing any content type e.g., page, post, or card as an admin, the stored XSS payload is execute...

CVE-2023-31045

A stored Cross-site scripting XSS issue in Text Editors and Formats in Backdrop CMS before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via the name parameter. When a user is editing any content type e.g., page, post, or card as an admin, the stored XSS payload is execute...

Cross site scripting

Snippet-box 1.0.0 is vulnerable to Cross Site Scripting XSS. Remote attackers can render arbitrary web script or HTML from the "Snippet code" form field...

CVE-2023-23277

Snippet-box 1.0.0 is vulnerable to Cross Site Scripting XSS. Remote attackers can render arbitrary web script or HTML from the "Snippet code" form field...

Cross site scripting

A stored Cross-Site Scripting XSS vulnerability in the Chat gadget in Upstream Works Agent Desktop for Cisco Finesse through 4.2.12 and 5.0 allows remote attackers to inject arbitrary web script or HTML via AttachmentId in the file-upload details...

SQL Monitor 12.1.31.893 Cross Site Scripting

Exploit Title: SQL Monitor 12.1.31.893 - Cross-Site Scripting XSS Date: 12/21/2022 02:07:23 AM UTC Exploit Author: [email protected] Vendor Homepage: https://www.red-gate.com/ Software Link: https://www.red-gate.com/products/dba/sql-monitor/ Version: SQL Monitor 12.1.31.893 Tested on: Window...

CVE-2022-38220

An XSS vulnerability exists within Quest KACE Systems Management Appliance SMA through 12.1 that may allow remote injection of arbitrary web script or HTML...

K44164245: XSS vulnerability CVE-2013-2618

Security Advisory Description Cross-site scripting XSS vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the maptitle parameter. CVE-2013-2618 Impact There is no impact; F5 products are not affected by this...

UJCMS 跨站脚本漏洞

UJCMS is UJCMS open source a Java open source content management system . UJCMS v4.1.3 version of a security vulnerability , the vulnerability stems from the existence of cross-site scripting XSS vulnerability , an attacker can be exploited to exploit the vulnerability will be carefully crafted...

SUSE CVE-2009-2057

Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a 1 4xx or 2 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL...

CVE-2022-46889

A persistent cross-site scripting XSS vulnerability in NexusPHP before 1.7.33 allows remote authenticated attackers to permanently inject arbitrary web script or HTML via the title parameter used in /subtitles.php...

CVE-2022-46889

A persistent cross-site scripting XSS vulnerability in NexusPHP before 1.7.33 allows remote authenticated attackers to permanently inject arbitrary web script or HTML via the title parameter used in /subtitles.php...