CVE-2016-1564

Multiple cross-site scripting XSS vulnerabilities in wp-includes/class-wp-theme.php in WordPress before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a 1 stylesheet name or 2 template name to wp-admin/customize.php...

UBUNTU-CVE-2016-4566

Cross-site scripting XSS vulnerability in plupload.flash.swf in Plupload before 2.1.9, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via a Same-Origin Method Execution SOME attack...

UBUNTU-CVE-2016-1564

Multiple cross-site scripting XSS vulnerabilities in wp-includes/class-wp-theme.php in WordPress before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a 1 stylesheet name or 2 template name to wp-admin/customize.php...

Wordpress Scoreme Theme Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports in PHP and MySQL servers to set up a personal blog site.ScoreMe is a plugin for WordPress. A cross-site scripting vulnerability exists in Wordpress Scoreme Theme. A...

PT-2017-7998 · Red Hat · Red Hat Satellite

Name of the Vulnerable Software and Affected Versions: Red Hat Satellite 5 affected versions not specified Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The affected API...

IBM Marketing Platform Cross-Site Scripting Vulnerability

IBM Marketing Platform is a suite of marketing platforms from IBM in the United States. The platform supports marketers in leveraging and analyzing customer interactions on websites, cell phones and social media to deliver targeted marketing campaigns to customers. A cross-site scripting...

ikiwiki cross-site scripting vulnerability (CNVD-2016-03223)

Ikiwiki is a wiki compiler that supports the conversion of wiki pages into HTML pages for web publishing. A cross-site scripting vulnerability exists in the 'cgierror' function in Ikiwiki's CGI.pm file, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML...

CVE-2016-2350

Multiple cross-site scripting XSS vulnerabilities on the Accellion File Transfer Appliance FTA before FTA91240 allow remote attackers to inject arbitrary web script or HTML via unspecified input to 1 getimageajax.php, 2 movepartitionframe.html, or 3 wmInfo.html...

CVE-2016-0901

Cross-site scripting XSS vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-0900...

CVE-2016-3126

Cross-site scripting XSS vulnerability in the Management Console in BlackBerry Enterprise Server BES 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

CVE-2016-1918

Cross-site scripting XSS vulnerability in the Management Console in BlackBerry Enterprise Server BES 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-1917...

CVE-2016-1652

Cross-site scripting XSS vulnerability in the ModuleSystem::RequireForJsInner function in extensions/renderer/modulesystem.cc in the Extensions subsystem in Google Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS...

SilverStripe CMS & Framework Cross-Site Scripting Vulnerability

SilverStripe CMS & Framework is New Zealand SilverStripe company's set of open source programming framework and content management system CMS. A cross-site scripting vulnerability exists in SilverStripe CMS & Framework versions prior to 3.1.16 and 3.2.x prior to 3.2.1, which can be exploited by...

CVE-2016-4016

Cross-site scripting XSS vulnerability in SAP Manufacturing Integration and Intelligence aka MII, formerly xMII 15 allows remote attackers to inject arbitrary web script or HTML via the title parameter to webdynpro/resources/sap.com/xappsxmiiuiadminnavigation/NavigationApplication, aka SAP Securi...

IBM Financial Transaction Manager for Corporate Payment Services Cross-Site Scripting Vulnerability

IBM Financial Transaction Managerfor Corporate Payment Services is a financial transaction manager product that focuses on monitoring, tracking, and reporting financial payments and transactions. A cross-site scripting vulnerability in IBM FTM for Corporate Payment Services on multiple platforms...

UBUNTU-CVE-2015-8807

Cross-site scripting XSS vulnerability in the renderVarInputnumber function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via vectors...

LOCKON EC-CUBE Social-button Premium Plugin Cross-Site Scripting Vulnerability

LOCKON EC-CUBE is an open source e-commerce website building platform developed by Japan LOCKON Co. A cross-site scripting vulnerability exists in version 1.0 of the Social-button Premium plugin for LOCKON EC-CUBE 2.13.x. The vulnerability can be exploited to inject arbitrary Web script or HTML. ...

CVE-2016-1375

Cross-site scripting XSS vulnerability in Cisco IP Interoperability and Collaboration System 4.101 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy12339...

UBUNTU-CVE-2016-2511

Cross-site scripting XSS vulnerability in WebSVN 2.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter to log.php...

Menubook plugin cross-site scripting vulnerability

Menubook plugin for baserCMS is a menu list plugin for baserCMS. A cross-site scripting vulnerability in Menubook plugin for baserCMS before 0.9.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...