WordPress plugin 跨站脚本漏洞

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. Wordpress Social Share, Social Login and Social Comments has a cross-site scripting vulnerability that can be exploited by attackers to inject JavaScript and perform reflective XSS attacks...

CVE-2020-18259

ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting XSS vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Post title or Post content fields...

Ignite Realtime Openfire Cross-Site Scripting Vulnerability

Ignite Realtime Openfire is a cross-platform open source Real-Time Collaboration RTC server developed by the Ignite Realtime community in Java and based on XMPP formerly known as Jabber, Instant Messaging Protocol, which is capable of building efficient instant messaging servers and supporting te...

Chadha PHPKB Cross-Site Scripting Vulnerability (CNVD-2020-18336)

Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A reflective cross-site scripting vulnerability exists in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9. The...

Alkacon OpenCms Cross-Site Scripting Vulnerability (CNVD-2019-40077)

OpenCms is Alkacon launched a company written in Java, an open source content management system . Multiple reflective and stored cross-site scripting vulnerabilities exist in the administrative interface of system/workplace/ in Alkacon OpenCms 10.5.4, 10.5.5. An attacker can exploit this...

Joomla! cross-site scripting vulnerability (CNVD-2018-17882)

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A reflective cross-site scripting vulnerability exists in the language switching...

Reflective Cross-Site Scripting Vulnerability in DedeCMS V5.7 SP2

Weaving dream content management system DedeCms is a PHP open source website management system. A reflective cross-site scripting vulnerability exists in DedeCMS V5.7 SP2. The attacker constructs XSS statements and performs pop-up box operations to obtain user cookies and other information...

PHPCMS V9 Full Version Has Reflective XSS Vulnerability

PHPCMS is a web content management system based on PHP and Mysql architecture. PHPCMS V9 full version of the existence of reflective XSS vulnerability, an attacker can use this vulnerability to web form to insert XSS execution code, pop-up box operation, access to user cookies and other sensitive...

WordPress plugin zibbra suffers from a reflective cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A reflective cross-site scripting vulnerability exists in the WordPress plugin zibbra 'GetAuthDetails.html.php' page, as the program fails to effectively filter...

jenkins: Reflective XSS vulnerability (SECURITY-171, SECURITY-177)

Two cross-site scripting XSS flaws were found in Jenkins. A remote attacker could use these flaws to conduct XSS attacks against users of an application using Jenkins...