CVE-2022-42704

A cross-site scripting XSS vulnerability in Employee Service Center esc and Service Portal sp in ServiceNow Quebec, Rome, and San Diego allows remote attackers to inject arbitrary web script via the Standard Ticket Conversations widget...

CVE-2022-46622

A cross-site scripting XSS vulnerability in Judging Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter...

Cross site scripting

Multiple stored cross-site scripting XSS vulnerabilities in Arcadyan Wifi routers VRV9506JAC23 allow remote attackers to inject arbitrary web script or HTML via the hostName and domainname parameters present in the LAN configuration section of the administrative dashboard...

Super Flexible Software Syncovery Cross-site Scripting (CVE-2022-36533)

A cross-site scripting vulnerability exists in Super Flexible Software Syncovery. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

Atmosphere Java Framework Reflected Cross-Site Scripting

A cross-site scripting vulnerability exists in Atmosphere. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

CVE-2022-42118

A Cross-site scripting XSS vulnerability in the Portal Search module in Liferay Portal 7.1.0 through 7.4.2, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 15, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the tag parameter...

CVE-2022-42111

A Cross-site scripting XSS vulnerability in the Sharing module's user notification in Liferay Portal 7.2.1 through 7.4.2, and Liferay DXP 7.2 before fix pack 19, and 7.3 before update 4 allows remote attackers to inject arbitrary web script or HTML by sharing an asset with a crafted payload...

CVE-2022-42111

A Cross-site scripting XSS vulnerability in the Sharing module's user notification in Liferay Portal 7.2.1 through 7.4.2, and Liferay DXP 7.2 before fix pack 19, and 7.3 before update 4 allows remote attackers to inject arbitrary web script or HTML by sharing an asset with a crafted payload...

Cross site scripting

A Cross-site scripting XSS vulnerability in the Sharing module's user notification in Liferay Portal 7.2.1 through 7.4.2, and Liferay DXP 7.2 before fix pack 19, and 7.3 before update 4 allows remote attackers to inject arbitrary web script or HTML by sharing an asset with a crafted payload...

CVE-2022-42110

A Cross-site scripting XSS vulnerability in the Announcements module in Liferay Portal 7.1.0 through 7.4.2, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML...

CVE-2022-42118

The CVE-2022-42118 XSS flaw affects Liferay Portal 7.1.0–7.4.2 and Liferay DXP 7.1 (before fix pack 27), 7.2 (before fix pack 15), and 7.3 (before service pack 3) in the Portal Search module via the tag parameter. Exploitation can inject arbitrary script/HTML, potentially stealing credentials or ...

Supervene RazDC WebUI Cross-Site Scripting (CVE-2018-15550)

A cross-site scripting vulnerability exists in Supervene. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

jQuery UI Cross-site Scripting (CVE-2021-41184)

A cross-site scripting vulnerability exists in jQuery UI. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

CVE-2022-42113

A Cross-site scripting XSS vulnerability in Document Library module in Liferay Portal 7.4.3.30 through 7.4.3.36, and Liferay DXP 7.4 update 30 through update 36 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

CVE-2022-42112

A Cross-site scripting XSS vulnerability in the Portal Search module's Sort widget in Liferay Portal 7.2.0 through 7.4.3.24, and Liferay DXP 7.2 before fix pack 19, 7.3 before update 5, and DXP 7.4 before update 25 allows remote attackers to inject arbitrary web script or HTML via a crafted paylo...

CVE-2022-42116

A Cross-site scripting XSS vulnerability in the Frontend Editor module's integration with CKEditor in Liferay Portal 7.3.2 through 7.4.3.14, and Liferay DXP 7.3 before update 6, and 7.4 before update 15 allows remote attackers to inject arbitrary web script or HTML via the 1 name, or 2 namespace...

Cross site scripting

A Cross-site scripting XSS vulnerability in the Frontend Taglib module in Liferay Portal 7.3.2 through 7.4.3.16, and Liferay DXP 7.3 before update 6, and 7.4 before update 17 allows remote attackers to inject arbitrary web script or HTML...

Cross site scripting

A Cross-site scripting XSS vulnerability in the Frontend Editor module's integration with CKEditor in Liferay Portal 7.3.2 through 7.4.3.14, and Liferay DXP 7.3 before update 6, and 7.4 before update 15 allows remote attackers to inject arbitrary web script or HTML via the 1 name, or 2 namespace...

CVE-2022-39988

A cross-site scripting XSS vulnerability in Centreon 22.04.0 allows attackers to execute arbitrary web script or HTML via a crafted payload injected into the ServiceTemplates servicealias parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Canon Medical Vitrea View 7.x before 7.7.6 allow remote attackers to inject arbitrary web script or HTML via 1 the input after the error subdirectory to the /vitrea-view/error/ subdirectory, or the 2 groupID, 3 offset, or 4 limit parameter to a...