CVE-2022-29487

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors...

CVE-2022-28715

Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors...

PT-2022-20199 · Cybozu · Cybozu Office

Name of the Vulnerable Software and Affected Versions: Cybozu Office versions 10.0.0 through 10.8.5 Description: The issue allows a remote attacker to inject an arbitrary script via unspecified vectors, exploiting a cross-site scripting vulnerability in specific parameters. Recommendations: For...

CVE-2022-35493

A Cross-site scripting XSS vulnerability in json search parse and the json response in wrteam.in, eShop - Multipurpose Ecommerce Store Website version 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the getproducts?search parameter...

CVE-2022-35493

A Cross-site scripting XSS vulnerability in json search parse and the json response in wrteam.in, eShop - Multipurpose Ecommerce Store Website version 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the getproducts?search parameter...

PT-2022-22869 · Eshop · Eshop

Name of the Vulnerable Software and Affected Versions: eShop - Multipurpose Ecommerce Store Website version 3.0.4 Description: A Cross-site scripting XSS issue exists in the json search parse and the json response, allowing remote attackers to inject arbitrary web script or HTML via the "get...

CVE-2022-30571

The iWay Service Manager Console component of TIBCO Software Inc.'s TIBCO iWay Service Manager contains easily exploitable Reflected Cross Site Scripting XSS vulnerabilities that allow a low privileged attacker with network access to execute scripts targeting the affected system or the victim's...

CVE-2022-1492

Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page...

DEBIAN-CVE-2022-1492

Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page...

CVE-2022-27168

Cross-site scripting vulnerability in LiteCart versions prior to 2.4.2 allows a remote attacker to inject an arbitrary script via unspecified vectors...

CVE-2022-27627

Cross-site scripting vulnerability in Organization's Information of Cybozu Garoon 4.10.2 to 5.5.1 allows a remote attacker to execute an arbitrary script on the logged-in user's web browser...

GHSA-V88G-7FX4-9Q7F Liferay Portal and Liferay DXP Cross-site scripting (XSS) vulnerability in the Document Library module

Cross-site scripting XSS vulnerability in the Document Library module's add document menu versions 5.0.6 to before 5.0.54, in Liferay Portal 7.3.0 through 7.3.4, and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via t...

Liferay Portal and Liferay DXP Cross-site scripting (XSS) vulnerability in the Frontend JS module

Cross-site scripting XSS vulnerability in the Frontend JS module before version 4.0.18, in Liferay Portal 7.3.4 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20 and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the title of a...

WordPress plugin WP Statistics 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WP Statistics plugin is vulnerable to a cross-site scripting vulnerability, which stems fro...

CVE-2022-22777

The Web Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management contains easily exploitable Reflected Cross Site Scripting XSS vulnerabilities that allow an unauthenticated attacker with network access to execute scripts targeting the affected system or the...

CVE-2022-28717

Cross-site scripting vulnerability in RebooterWATCH BOOT nino RPC-M2C End of Sale all firmware versions, WATCH BOOT light RPC-M5C End of Sale all firmware versions, WATCH BOOT L-zero RPC-M4L End of Sale all firmware versions, WATCH BOOT mini RPC-M4H End of Sale all firmware versions, WATCH BOOT...

GHSA-FRV8-XJCP-HRM2 phpMyAdmin Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in libraries/Error.class.php in phpMyAdmin 3.x before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to a PHP backtrace and error messages aka debugging messages, a different vulnerability than CVE-2010-3056...

GHSA-FRGF-RV99-862X Roundup Cross-site Scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in cgi/client.py in Roundup before 1.4.14 allows remote attackers to inject arbitrary web script or HTML via the template argument to the /issue program...

GHSA-452H-RX28-49W9 MoinMoin Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the rsslink function in theme/init.py in MoinMoin before 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the page name in a rss link...

GeSHi vulnerable to Cross-site Scripting

Cross-site scripting XSS vulnerability in contrib/langwiz.php in GeSHi before 1.0.8.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...