Request Tracker 跨站脚本漏洞

Request Tracker is a problem and ticket tracking system developed by Request Tracker Inc. Versions 5.0.4 to 5.0.9, as well as 6.0.0 to 6.0.2, have a cross-site scripting vulnerability. This vulnerability stems from the Page parameter in GET requests, which may lead to reflective cross-site...

OrientDB 跨站脚本漏洞

OrientDB is an open-source multi-model database developed by OrientDB. Version 3.0.17 of OrientDB has a cross-site scripting vulnerability. This vulnerability stems from improper handling of JSON payloads submitted to the document endpoint, which may lead to reflective cross-site scripting attack...

WordPress plugin Aruba HiSpeed Cache 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress plugin Address Bar Ads 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVE-2025-54861

A reflected cross-site scripting xss vulnerability exists in the modifyCoercion functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

WordPress plugin Shabat Keeper 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Stumble! for WordPress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A cross-site scriptin...

Kentico Xperience 跨站脚本漏洞

Kentico Xperience is a digital experience platform from Kentico. Kentico Xperience suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted payload...

Kentico Xperience 跨站脚本漏洞

Kentico Xperience is a digital experience platform from Kentico. Kentico Xperience suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the administration interface, which can be exploited by an attacker to execute...

MailEnable 跨站脚本漏洞

MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied da...

Saysis Starcities 跨站脚本漏洞

Saysis Starcities is an application from the Turkish company Saysis. A cross-site scripting vulnerability exists in Saysis Starcities versions prior to 1.1.61, which stems from improper input neutralization during web page generation and could lead to a reflective cross-site scripting attack...

Cisco Identity Services Engine 跨站脚本漏洞

Cisco Identity Services Engine Cisco ISE is an environment-aware platform ISE Identity Services Engine from Cisco. The platform collects real-time information from the network, users, and devices, and develops and enforces policies to regulate the network. A cross-site scripting vulnerability...

WordPress plugin Trinity Audio 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

Esri Portal For ArcGIS 跨站脚本漏洞

Esri Portal For ArcGIS is a component of Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A cross-site scripting vulnerability exists in Esri Portal For ArcGIS 11.4 and prior versions that originates from unvalidated...

Apt-Cacher-NG 跨站脚本漏洞

Apt-Cacher-NG is a cache proxy service from the Apt-Cacher-NG open source. A cross-site scripting vulnerability exists in Apt-Cacher-NG version 3.2.1, which stems from improper handling of GET inputs contained in URLs in the file /acng-report.html, and could lead to a reflective cross-site...

Moodle Cross-Site Scripting Vulnerability (CNVD-2025-09235)

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from a cross-site scripting vulnerability that stems from insufficient return URL cleanup in the policy tool,...

Yordam Library Automation System 跨站脚本漏洞

Yordam Library Automation System is an application from Yordam, Inc. A cross-site scripting vulnerability exists in Yordam Library Automation System prior to version 21.6 that stems from improper input neutralization and could lead to a reflective cross-site scripting attack...

SoftCOM iKSORIS 跨站脚本漏洞

SoftCOM iKSORIS is an application from SoftCOM, Inc. A cross-site scripting vulnerability exists in SoftCOM iKSORIS versions prior to 79.0, which stems from a reflective cross-site scripting attack that could lead to malicious script execution...

Clinic Queuing System 跨站脚本漏洞

Clinic Queuing System is a clinic queuing system by the individual developer Carlo Montero. A cross-site scripting vulnerability exists in Clinic Queuing System version 1.0, which stems from a reflective cross-site scripting attack that could execute JavaScript code via a malicious URL...

WordPress plugin SimpleForm Contact Form Submissions 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin SimpleForm Contact Form...