GitLab CE and EE Cross-Site Scripting Vulnerability (CNVD-2019-06641)

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to Github for accessing the contents of a project's files, commit history, bug lists, and more. A cross-site scriptin...

idreamsoft iCMS cross-site scripting vulnerability (CNVD-2018-14096)

idreamsoft iCMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in versions of idreamsoft iCMS prior to 7.0.10. The vulnerability can be exploited by a remote attacker to inject arbitrary web script or HTML via the fourth and fif...

Cisco Unified Presence Cross-Site Scripting Vulnerability (CNVD-2018-14097)

Cisco Unified Communications Manager CUCM, Unified CM is a call processing component of a unified communications system from Cisco.Cisco Unified Communications Manager IM and Presence Cisco Unified Communications Manager IM and Presence Service is a CUCM-based instant messaging IM and status...

Rocket.Chat Cross-Site Scripting Vulnerability

Rocket.Chat is an open source built in JavaScript using the Meteor fullstack framework developed by the Web chat server . A cross-site scripting vulnerability exists in the registration form of Rocket.Chat versions prior to 0.66. A remote attacker can exploit this vulnerability to inject arbitrar...

Atlassian Fisheye and Crucible Cross-Site Scripting Vulnerabilities (CNVD-2018-13083)

Atlassian FishEye and Crucible are both products of the Australian company Atlassian, FishEye is a suite of software for deep viewing of source code repositories and Crucible is a suite of code review tools. A cross-site scripting vulnerability exists in the review attachment resource in Atlassia...

PHP Scripts Mall Auditor Website Cross-Site Scripting Vulnerability

PHP Scripts Mall Auditor Website is an accounting auditor website system script by PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Auditor Website version 2.0.1. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with th...

Grails Fields Plugin Cross-Site Scripting Vulnerability

Grails Fields plugin is a field property definition plugin . A cross-site scripting vulnerability exists in the use of display tags in Grails Fields plugin version 2.2.7. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

CVE-2018-7475

Cross-site scripting XSS vulnerability for webdav/ticket/ URIs in IceWarp Mail Server 12.0.3 allows remote attackers to inject arbitrary web script or HTML...

CVE-2018-0565

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

MyBB Recent Threads plugin cross-site scripting vulnerability

MyBB aka MyBulletinBoard is a free and web-based forum software developed by the MyBB team using PHP and MySQL.Recent Threads plugin is used in which a plugin for displaying recent and unread messages. A cross-site scripting vulnerability exists in versions of the MyBB Recent Threads plugin prior...

phpMyAdmin cross-site scripting vulnerability (CNVD-2018-11976)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A cross-site scripting vulnerability exists in the...

Open Monograph Press Cross-Site Scripting Vulnerability

Public Knowledge Project PKP Open Monograph Press OMP is an open source software platform for scholarly publishing. The platform is used to manage and edit workflows to produce and distribute scholarly publications through internal and external review and editing. A cross-site scripting...

Samsung Web Viewer for Samsung DVR Cross-Site Scripting Vulnerability

Samsung smart Viewer is a TV connectivity software from Samsung. A cross-site scripting vulnerability in Samsung Web Viewer for Samsung DVR allows remote attackers to inject arbitrary web script or HTML using the vulnerability...

Sonatype Nexus Repository Manager Cross-Site Scripting Vulnerability (CNVD-2018-11638)

Sonatype Nexus Repository Manager aka NXRM is a maven repository manager. A cross-site scripting vulnerability exists in Sonatype NXRM versions prior to 3.12.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the Administration UI...

Ximdex Cross-Site Scripting Vulnerability

Ximdex is a content and data management system. The system includes features such as an intelligent search engine, information aggregation, image and text recognition. A cross-site scripting vulnerability exists in the account creation page in Ximdex version 4.0. A remote attacker can exploit thi...

Synology Drive File Sharing Notify Toast Cross-Site Scripting Vulnerability

Synology Drive is a collaboration suite from Synology that includes document management, collaboration and file synchronization and backup features.File Sharing Notify Toast is one of the file sharing components. A cross-site scripting vulnerability exists in File Sharing Notify Toast in Synology...

ClipperCMS Cross-Site Scripting Vulnerability (CNVD-2018-10866)

ClipperCMS is a content management system CMS. A cross-site scripting vulnerability exists in the 'Module name' field under the 'Modules - Manage modules - edit' tag in ClipperCMS version 1.3.3. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

i18next Cross-Site Scripting Vulnerability

i18next is a translation loading framework written in JavaScript. A cross-site scripting vulnerability exists in i18next 2.0.0 and later versions, which stems from the program failing to encode user input. A remote attacker can exploit the vulnerability to inject arbitrary web script or HTML...

MyBB Moderator Log Notes Plugin Cross-Site Scripting Vulnerability

MyBB aka MyBulletinBoard is MyBB team developed a set of PHP and MySQL development of free and Web-based forum software . Moderator Log Notes plugin is used in which a management log records plugin . A cross-site scripting vulnerability exists in version 1.1 of the MyBB Moderator Log Notes plugin...

Micro Focus Universal CMDB, CMS and UCMDB Browser Cross-Site Scripting Vulnerabilities

Micro Focus Universal CMDB, CMS and UCMDB Browser are all products of Micro Focus, a UK-based company. Micro Focus Universal CMDB is a resource management solution; CMS is a CMDB configuration management system; UCMDB Browser is a lightweight, web-based client for accessing UCMDB Universal...