CVE-2020-13480

Verint Workforce Optimization WFO 15.2 allows HTML injection via the "send email" feature...

PT-2020-13664 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions prior to 3.9.19 Description: The default settings of the global textfilter configuration in Joomla! do not block HTML inputs for Guest users. This issue may allow unauthorized users to inject malicious HTML code...

RICOH SP 4510SF Printer HTML Injection Vulnerability

The RICOH SP 4510SF Printer is a printer. The RICOH SP 4510SF Printer suffers from an HTML injection vulnerability. An attacker can exploit the vulnerability to execute arbitrary code...

WellCMS X has an xss vulnerability

WellCMS X is a mobile-oriented content management product. An xss vulnerability exists in WellCMS X, which can be exploited to inject arbitrary web script or HTML...

Palo Alto Networks Expedition Migration Tool Cross-Site Scripting Vulnerability (CNVD-2019-13414)

Palo Alto Networks Expedition Migration Tool is a security policy configuration migration tool from Palo Alto Networks, USA. An HTML injection vulnerability exists in Palo Alto Networks Expedition Migration Tool, which stems from the program's inability to properly filter user-supplied input. A...

CVE-2019-7430

PHP Scripts Mall Image Sharing Script 1.3.4 has HTML injection via the Search Bar...

PHP Scripts Mall Entrepreneur Job Portal Script HTML Injection Vulnerability

PHP Scripts Mall Entrepreneur Job Portal Script is a PHP script that allows you to create your own job portal. PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 suffers from an HTML injection vulnerability, which can be exploited by an attacker via the search bar to achieve HTML injection...

CVE-2019-9066

PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML injection in a user profile...

CVE-2018-19905

HTML injection exists in razorCMS 3.4.8 via the //page keywords parameter...

User Management Cross-Site Scripting Vulnerability

User Management is a user manager. A cross-site scripting vulnerability exists in the upload section of User Management version 1.1. A remote attacker can use this vulnerability to inject arbitrary web script or HTML...

razorCMS HTML Injection Vulnerability

razorCMS is an open source content management system written in PHP, which stores all data in flat files, so there is no need to install a database. An HTML injection vulnerability exists in razorCMS version 3.4.7, which can be exploited by attackers to execute malicious code...

ZOHO ManageEngine ADManager Plus HTML Injection Vulnerability

ZOHO ManageEngine ADManager Plus is an IT operations management software. ZOHO ManageEngine ADManager Plus suffers from an HTML injection vulnerability that can be exploited by attackers to allow HTML injection...

CVE-2018-7303

The Calendar component in Tiki 17.1 allows HTML injection...

Red Hat CloudForms HTML Injection Vulnerability

Red Hat CloudForms is a suite of IaaS Infrastructure as a Service cloud service solutions from Red Hat, Inc. The solution creates and manages private and public clouds and has the ability to manage the application lifecycle. An HTML injection vulnerability exists in Red Hat CloudForms, which stem...

Atlassian FishEye and Crucible Cross-Site Scripting Vulnerabilities

Atlassian FishEye and Crucible are both products of the Australian company Atlassian, FishEye is a suite of software for deep viewing of source code repositories and Crucible is a suite of code review tools. A cross-site scripting vulnerability exists in the administration user deletion resource ...

Centreon Cross-Site Scripting Vulnerability

Centreon formerly known as Merethis Centreon is an open source IT monitoring software suite from Centreon France that needs to be paired with Nagios to manage Nagios via the web and third-party components to enable monitoring of networks, operating systems and applications. A cross-site scripting...

Paessler PRTG Network Monitor Cross-Site Scripting Vulnerability

Paessler PRTG Network Monitor is a full-featured network monitoring and management software from Paessler AG, Germany. A cross-site scripting vulnerability exists in versions prior to Paessler PRTG Network Monitor 17.2.32.2279. A remote attacker can exploit this vulnerability to inject arbitrary...

RedHat JBoss BRMS and BPM Suite HTML Injection Vulnerability

Red Hat JBoss BRMS is a comprehensive business process automation platform that integrates business rules management, business process management BPM and complex event processing CEP into a single open source solution. An HTML injection vulnerability exists in Red Hat JBoss BRMS and BPM Suite due...

RedHat JBoss BRMS and BPM Suite Cross-Site Scripting Vulnerability

RedHat JBoss BRMS is a comprehensive business process automation platform that integrates business rules management, business process management BPM and complex event processing CEP into a single open source solution. A cross-site scripting vulnerability exists in RedHat JBoss BRMS and BPM Suite...

chromium-browser: universal xss in chrome://apps

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page...