CVE-2022-28978

Stored cross-site scripting XSS vulnerability in the Site module's user membership administration page in Liferay Portal 7.0.1 through 7.4.1, and Liferay DXP 7.0 before fix pack 102, 7.1 before fix pack 26, 7.2 before fix pack 15, and 7.3 before service pack 3 allows remote attackers to inject...

Cross site scripting

Stored cross-site scripting XSS vulnerability in the Site module's user membership administration page in Liferay Portal 7.0.1 through 7.4.1, and Liferay DXP 7.0 before fix pack 102, 7.1 before fix pack 26, 7.2 before fix pack 15, and 7.3 before service pack 3 allows remote attackers to inject...

WordPress KingComposer Plugin Cross-site Scripting (CVE-2020-15299)

A cross-site scripting vulnerability exists in WordPress KingComposer plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

Cross site scripting

Cross Site Scripting XSS in xiunobbs 4.0.4 allows remote attackers to execute arbitrary web script or HTML via the attachment upload function...

Jenkins Credentials Plugin Cross-site Scripting (CVE-2022-29036)

A cross-site scripting vulnerability exists in Jenkins Credentials Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

Zoo Management System Cross-Site Scripting Vulnerability

PHPGURUKUL Zoo Management System is a zoo management system by Phpgurukul team. A cross-site scripting vulnerability exists in Zoo Management System v1.0, which stems from a lack of checksum filtering of user-supplied data and output in the Add Category feature. The vulnerability can be exploited...

CVE-2020-19897

A reflected Cross Site Scripting XSS in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via the imgurl parameter...

Cross site scripting

A reflected Cross Site Scripting XSS in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via the imgurl parameter...

CVE-2020-19897

A reflected Cross Site Scripting XSS in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via the imgurl parameter...

QNAP FileStation Cross Site Scripting (CVE-2018-19943)

A cross site scripting vulnerability exists in QNAP FileStation. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

WordPress Sticky Popup plugin跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Sticky Popup plugin 1.2 and earlier versions have a cross-site scripting vulnerability, whi...

WordPress Plugin Keep Backup Daily Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress plugin Keep Backup Daily version 2.0.2 and prior versions, which stems from insufficient...

Cross-site Scripting in SEOmatic plugin

A cross-site scripting XSS vulnerability in the SEOmatic plugin 3.4.10 for Craft CMS 3 allows remote attackers to inject arbitrary web script via a GET to /index.php?action=seomatic/file/seo-file-link with url parameter containing the base64 encoded URL of a malicious web page / file and fileName...

WhatsApp Desktop Cross Site Scripting (CVE-2019-18426)

A cross site scripting vulnerability exists in WhatsApp Desktop. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

CVE-2021-41750

A cross-site scripting XSS vulnerability in the SEOmatic plugin 3.4.10 for Craft CMS 3 allows remote attackers to inject arbitrary web script via a GET to /index.php?action=seomatic/file/seo-file-link with url parameter containing the base64 encoded URL of a malicious web page / file and fileName...

CVE-2021-41750

A cross-site scripting XSS vulnerability in the SEOmatic plugin 3.4.10 for Craft CMS 3 allows remote attackers to inject arbitrary web script via a GET to /index.php?action=seomatic/file/seo-file-link with url parameter containing the base64 encoded URL of a malicious web page / file and fileName...

Cross site scripting

A cross-site scripting XSS vulnerability in the SEOmatic plugin 3.4.10 for Craft CMS 3 allows remote attackers to inject arbitrary web script via a GET to /index.php?action=seomatic/file/seo-file-link with url parameter containing the base64 encoded URL of a malicious web page / file and fileName...

Online Market Place Site Cross-Site Scripting Vulnerability

Online Market Place Site is an online marketplace site. v1.0 of Online Market Place Site is vulnerable to a cross-site scripting vulnerability in which the Page parameter in the source/omps/seller lacks a checksum filter for user-supplied data and output data. An attacker could use the...

CVE-2022-29540

resi-calltrace in RESI Gemini-Net 4.2 is affected by Multiple XSS issues. Unauthenticated remote attackers can inject arbitrary web script or HTML into an HTTP GET parameter that reflects user input without sanitization. This exists on numerous application endpoints,...

CVE-2022-29540

resi-calltrace in RESI Gemini-Net 4.2 is affected by Multiple XSS issues. Unauthenticated remote attackers can inject arbitrary web script or HTML into an HTTP GET parameter that reflects user input without sanitization. This exists on numerous application endpoints,...