CVE-2013-5319

Cross-site scripting XSS vulnerability in secure/admin/user/views/deleteuserconfirm.jsp in the Admin Panel in Atlassian JIRA before 6.0.5 allows remote attackers to inject arbitrary web script or HTML via the name parameter to secure/admin/user/DeleteUser!default.jspa...

CVE-2013-0582

Cross-site scripting XSS vulnerability in IBM Tivoli Federated Identity Manager TFIM 6.2.0 before 6.2.0.12, 6.2.1 before 6.2.1.5, and 6.2.2 before 6.2.2.4 and Tivoli Federated Identity Manager Business Gateway TFIMBG 6.2.0 before 6.2.0.12 and 6.2.1 before 6.2.1.5 allows remote attackers to inject...

CVE-2019-13463

An XSS vulnerability in qcopd-shortcode-generator.php in the Simple Link Directory plugin before 7.3.5 for WordPress allows remote attackers to inject arbitrary web script or HTML, because eschtml is not called for the "echo getthetitle" or "echo $term-name" statement...

CVE-2015-5519

Cross-site scripting XSS vulnerability in the applyConvolution demo in WideImage 11.02.19 allows remote attackers to inject arbitrary web script or HTML via the matrix parameter to demo/index.php...

CVE-2016-3968

Multiple cross-site scripting XSS vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote attackers to inject arbitrary web scrip...

CVE-2019-7409

Multiple cross-site scripting XSS vulnerabilities in ProfileDesign CMS v6.0.2.5 allows remote attackers to inject arbitrary web script or HTML via the 1 page, 2 gbs, 3 side, 4 id, 5 imgid, 6 cat, or 7 orderby parameter...

CVE-2019-14315

A cross-site scripting XSS vulnerability in upload.php in SunHater KCFinder 3.20-test1, 3.20-test2, 3.12, and earlier allows remote attackers to inject arbitrary web script or HTML via the CKEditorFuncNum parameter...

CVE-2019-5997

Video Insight VMS versions prior to 7.6.1 allow remote attackers to conduct code injection attacks via unspecified vectors...

CVE-2019-11359

Cross-site scripting XSS vulnerability in display.php in I, Librarian 4.10 allows remote attackers to inject arbitrary web script or HTML via the project parameter...

CVE-2018-17021

Cross-site scripting XSS vulnerability on ASUS GT-AC5300 devices with firmware through 3.0.0.4.38432738 allows remote attackers to inject arbitrary web script or HTML via the appGet.cgi hook parameter...

CVE-2018-15634

Cross-site scripting XSS issue in attachment management in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via a crafted link...

CVE-2019-6031

Cross-site scripting vulnerability in KINZA for Windows version 5.9.2 and earlier and for Mac version 5.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via RSS reader...

CVE-2013-0319

Cross-site scripting XSS vulnerability in the Yandex.Metrics module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to the Yandex.Metrica service data...

CVE-2011-5307

Cross-site scripting XSS vulnerability in index.php in the PhotoSmash plugin 1.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter...

CVE-2011-5186

Cross-site scripting XSS vulnerability in jbshop.php in the jbShop plugin for e107 7 allows remote attackers to inject arbitrary web script or HTML via the itemid parameter...

CVE-2012-3551

Cross-site scripting XSS vulnerability in crowbarframework/app/views/support/index.html.haml in the Crowbar barclamp in Crowbar, possibly 1.4 and earlier, allows remote attackers to inject arbitrary web script or HTML via the file parameter to /utils...

CVE-2012-2446

Cross-site scripting XSS vulnerability in tools/locallookup.php in the WebAdmin Portal in Netsweeper allows remote attackers to inject arbitrary web script or HTML via the group parameter in a lookup action...

CVE-2013-4167

Cross-site scripting XSS vulnerability in CMS Made Simple CMSMS before 1.11.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-4052

Multiple cross-site scripting XSS vulnerabilities in Jease before 2.9, when creating a comment, allow remote attackers to inject arbitrary web script or HTML via the 1 author, 2 subject, or 3 comment parameter...

CVE-2010-1079

Cross-site scripting XSS vulnerability in Sawmill before 7.2.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...