CVE-2022-42236

A Stored XSS issue in Merchandise Online Store v.1.0 allows to injection of Arbitrary JavaScript in edit account form...

CVE-2022-42236

A Stored XSS issue in Merchandise Online Store v.1.0 allows to injection of Arbitrary JavaScript in edit account form...

Cross site scripting

A Stored XSS issue in Merchandise Online Store v.1.0 allows to injection of Arbitrary JavaScript in edit account form...

CVE-2022-40180

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

CVE-2022-40182

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

PT-2022-26323 · Unknown · Student Clearance System

Name of the Vulnerable Software and Affected Versions: Student Clearance System version 1.0 Description: A Stored XSS issue allows the injection of arbitrary JavaScript in the Student registration form. Recommendations: For version 1.0, update the Student registration form to properly sanitize us...

CVE-2022-42235

A Stored XSS issue in Student Clearance System v.1.0 allows the injection of arbitrary JavaScript in the Student registration form...

CVE-2022-42236

A Stored XSS issue in Merchandise Online Store v.1.0 allows to injection of Arbitrary JavaScript in edit account form...

CVE-2022-42235

A Stored XSS issue in Student Clearance System v.1.0 allows the injection of arbitrary JavaScript in the Student registration form...

Google Chrome 103.0.5060.53 Autofill Assistant Universal Cross Site Scripting Vulnerability

Chrome: Universal XSS in Autofill Assistant VULNERABILITY DETAILS From the Autofill Assistant README file1: Autofill Assistant is an execution engine to run user journeys on websites given a set of actions. These actions include clicking on buttons or scrolling to an element. They also provide a...

Google Chrome 103.0.5060.53 Autofill Assistant Universal Cross Site Scripting

Chrome: Universal XSS in Autofill Assistant VULNERABILITY DETAILS From the Autofill Assistant README file1: Autofill Assistant is an execution engine to run user journeys on websites given a set of actions. These actions include clicking on buttons or scrolling to an element. They also provide a...

CVE-2021-42046

An issue was discovered in the GlobalWatchlist extension in MediaWiki through 1.36.2. The rev-deleted-user and ntimes messages were not properly escaped and allowed for users to inject HTML and JavaScript...

CVE-2022-39053

Heimavista Rpage has insufficient filtering for platform web URL. An unauthenticated remote attacker can inject JavaScript and perform XSS Reflected Cross-Site Scripting attack...

Cross site scripting

Cowell enterprise travel management system has insufficient filtering for special characters within web URL. An unauthenticated remote attacker can inject JavaScript and perform XSS Reflected Cross-Site Scripting attack...

CVE-2022-39054 COWELL INFORMATION SYSTEM CO., LTD. enterprise travel management system - Reflected XSS

Cowell enterprise travel management system has insufficient filtering for special characters within web URL. An unauthenticated remote attacker can inject JavaScript and perform XSS Reflected Cross-Site Scripting attack...

CVE-2022-39035 Smart eVision - Stored XSS

Smart eVision has insufficient filtering for special characters in the POST Data parameter in the specific function. An unauthenticated remote attacker can inject JavaScript to perform XSS Stored Cross-Site Scripting attack...

IBM Application Gateway 跨站脚本漏洞

IBM Application Gateway is an application gateway from International Business Machines IBM, Inc. provides a containerized, secure Web reverse proxy that is designed to sit in front of your application, seamlessly adding authentication and authorization protection to your application.A cross-site...

Reflected Cross-Site Scripting (XSS)

com.liferay:com.liferay.fragment.renderer.collection.filter.impl is vulnerable to reflected cross-site scripting attacks. The library does not properly escape parameters with the filter prefix, allowing an attacker to inject and execute malicious javascript...

Cross-site Scripting (XSS)

microweber/microweber is vulnerable to cross-site scripting. The vulnerability exists due to the vulnerable microweber-templates/bootstrap5, microweber-templates/new-world and microweber-templates/shopmag dependencies used in composer.json, allowing an attacker to inject and execute malicious...

Cross-site Scripting (XSS)

smarty/smarty is vulnerable to cross-site scripting. The vulnerability exists because the smartyfunctionmailto function of function.mailto.php does not properly escape the GET and POST input parameters, allowing an attacker to inject and execute malicious javascript...