32428 matches found
GHSA-W4FJ-87J5-F25C XWiki has Reflected Cross-Site Scripting (XSS) in page history compare
Impact A reflected cross-site scripting vulnerability XSS in the compare view between revisions of a page allows executing JavaScript code in the user's browser. If the current user is an admin, this can not only affect the current user but also the confidentiality, integrity and availability of...
EUVD-2026-22661
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...
CVE-2026-34614
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...
CVE-2026-21331
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...
CVE-2026-5754
Radware Alteon vADC load-balancer, version 34.5.4.0, contains a reflected XSS in the ReturnTo parameter of the /protected/login route due to lack of input sanitization. An attacker can craft a link that injects JavaScript, which is reflected in the victim’s browser, enabling actions such as steal...
CVE-2026-5754 Radware Alteon has a reflected XSS vulnerability
Reflected Cross-Site Scripting XSS Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized actions, data theft, or other malicious activities...
CVE-2026-21331 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...
CVE-2026-21331
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a user is convinced to visit a URL referencing a vulnerable page, malicious JavaScript may execute in the victim’s browser. This is a user-interaction–required, network-based ...
CVE-2026-34614 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...
CVE-2026-34614 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...
CVE-2026-27245
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session...
CVE-2026-27245 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session...
CVE-2026-34614
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...
CVE-2026-27245
Adobe Connect (versions 2025.3, 12.10 and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. The issue allows an attacker to lure a user to a crafted URL referencing a vulnerable page, causing malicious JavaScript to execute in the victim’s browser. The CVSS 3.1 score i...
CVE-2026-27243 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session...
CVE-2026-27243
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session...
CVE-2026-27243 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session...
CVE-2026-27243
Adobe Connect (versions 2025.3, 12.10 and earlier) contains a reflected Cross-Site Scripting (XSS) vulnerability. An attacker can lure a user to a crafted URL referencing a vulnerable page, enabling arbitrary JavaScript execution in the user’s browser with high impact to confidentiality and integ...
CVE-2025-65136
In manikandan580 School-management-system 1.0, a reflected XSS vulnerability exists in /studentms/admin/contact-us.php via the pagedes POST parameter...
CVE-2025-70936
Vtiger CRM 8.4.0 contains a reflected cross-site scripting XSS vulnerability in the MailManager module. Improper handling of user-controlled input in the folder parameter allows a specially crafted, double URL-encoded payload to be reflected and executed in the context of an authenticated user s...