CVE-2022-23047

Exponent CMS 2.6.0patch2 allows an authenticated admin user to inject persistent JavaScript code inside the "Site/Organization Name","Site Title" and "Site Header" parameters while updating the site settings on "/exponentcms/administration/configuresite"...

Code injection

Exponent CMS 2.6.0patch2 allows an authenticated admin user to inject persistent JavaScript code inside the "Site/Organization Name","Site Title" and "Site Header" parameters while updating the site settings on "/exponentcms/administration/configuresite"...

Palo Alto Network Cortex XSOAR 跨站脚本漏洞

Palo Alto Networks Cortex Xsoar is a Security Orchestration Automation and Response Soar platform from Palo Alto Networks, USA. A cross-site scripting vulnerability exists in Palo Alto Networks Cortex XSOAR that allows an attacker to store a persistent javascript exploit code that could lead to t...

Bookly #1 WordPress Booking Plugin (Lite) <= 13.2 – Unauthenticated Blind Stored XSS

An unauthenticated user can inject arbitrary persistent javascript code in the admin panel via Bookly plug-in...

HP Laser Jet - JavaScript Persistent Cross-Site Scripting via PJL Directory Traversal

HP Laser Jet - JavaScript Persistent Cross-Site Scripting via PJL Directory Traversal !/usr/bin/perl use strict; use warnings; use IO::Socket::INET; my $host = $ARGV0; Exploit Title: HP Laser Jet Persistent Javascript Cross Site Scripting via PJL Google Dork: n/a Date: 4/22/14 Exploit Author:...

CVE-2008-3622

Cross-site scripting XSS vulnerability in Wiki Server in Apple Mac OS X 10.5 through 10.5.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message that reaches a mailing-list archive, aka "persistent JavaScript injection."...