DEBIAN-CVE-2012-4377

Cross-site scripting XSS vulnerability in MediaWiki before 1.18.5 and 1.19.x before 1.19.2 allows remote attackers to inject arbitrary web script or HTML via a File: link to a nonexistent image...

CVE-2012-4378

Multiple cross-site scripting XSS vulnerabilities in MediaWiki before 1.18.5 and 1.19.x before 1.19.2, when unspecified JavaScript gadgets are used, allow remote attackers to inject arbitrary web script or HTML via the userlang parameter to w/index.php...

UBUNTU-CVE-2012-4377

Cross-site scripting XSS vulnerability in MediaWiki before 1.18.5 and 1.19.x before 1.19.2 allows remote attackers to inject arbitrary web script or HTML via a File: link to a nonexistent image...

phpMyFaq admin/tags.main.php file cross-site scripting vulnerability

phpMyFAQ is phpMyFAQ team developed a set of open source fully database-driven FAQ question and answer system . The system supports multiple languages, multiple databases, etc., and includes modules such as content management system and community. A cross-site scripting vulnerability exists in th...

TP-LINK TL-MR3220 Cross-Site Scripting Vulnerability

TP-LINK TL-MR3220 wireless routers is a wireless router product from China P&L TP-LINK. A cross-site scripting vulnerability exists in the Wireless MAC Filtering page in the TP-LINK TL-MR3220 wireless router. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

Cisco WebEx Meeting Center Cross-Site Scripting Vulnerability (CNVD-2017-32118)

Cisco WebEx Meeting Center is a set of WebEx meeting solutions in the United States Cisco Cisco company's network of online meeting products. The product invites others to join the meeting via e-mail or instant messaging IM, and supports online product demonstrations, information sharing, and mor...

SAP Customer Relationship Management Java administration console cross-site scripting vulnerability

SAP Customer Relationship Management CRM is a set of customer relationship management solutions from SAP. The program includes sales management , marketing management , customer service systems and other modules . Java administration console is one of the Java administration console . A cross-sit...

Foreman Cross-Site Scripting Vulnerability (CNVD-2017-34618)

Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A cross-site scripting vulnerability exists in the search auto-completion feature in Foreman versions...

WordPress uDesign Theme Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports the PHP and MySQL servers to set up a personal blog site. uDesign aka U-Design is one of the theme plug-ins. A cross-site scripting vulnerability exists in WordPress...

ATutor cross-site scripting vulnerability (CNVD-2017-32279)

ATutor is an open source Web-based learning content management system LCMS developed by the ATutor team. The system includes teaching content management, forums, chat rooms and other modules. A cross-site scripting vulnerability exists in versions prior to Atutor 2.2.3, which stems from the progr...

Issuetracker phpBugTracker cross-site scripting vulnerability (CNVD-2017-30874)

Issuetracker phpBugTracker is a web-based defect tracking system. The system provides features such as project management and defect tracking services. A cross-site scripting vulnerability exists in Issuetracker phpBugTracker versions prior to 1.7.0. A remote attacker can exploit this vulnerabili...

MISP cross-site scripting vulnerability (CNVD-2017-30341)

MISP is a suite of open source software solutions for collecting, storing, distributing and sharing cybersecurity metrics and threats cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in quickDelete in versions of MISP prior to 2.4.81. A remote attacke...

HP ArcSight Enterprise Security Manager Cross-Site Scripting Vulnerability (CNVD-2017-30915)

HP ArcSight ESM Enterprise Security Manager and ESM Express are both enterprise security management software with event correlation and security analysis capabilities from Hewlett Packard Enterprise HPE. The software collects, correlates and reports on enterprise-wide security events in real time...

CVE-2015-7980

Cross-site scripting XSS vulnerability in the Compass Rose module 6.x-1.x before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to "embedding a JavaScript library from an external source that was not reliable."...

Ipython Cross-Site Scripting Vulnerability

IPython is an enhanced version of Python's native interactive shell developed by the IPython team. A cross-site scripting vulnerability exists in version 3.x of Ipython prior to 3.2. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

Cross-site scripting vulnerability in WebKit component of multiple Apple products (CNVD-2017-34457)

Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems. iCloud for Windows is a cloud service based on the Windows platform. WebKit is...

Telaxus EPESI cross-site scripting vulnerability (CNVD-2017-32705)

Telaxus EPESI is a Polish company Telaxus open source customer relationship management system based on PHP/Ajax framework CRM. The system provides schedule management , multi-user address book , proxy matters and other functions . A cross-site scripting vulnerability exists in the 'Tasks...

WordPress template list view cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports the PHP and MySQL servers to set up a personal blog site. template list view is one of the list view template. A cross-site scripting vulnerability exists in the...

IBM Cúram Social Program Management Cross-Site Scripting Vulnerability (CNVD-2017-33074)

IBM Curam Social Program Management SPM is a suite of social program management solutions from IBM USA. The solution supports the process of end-to-end social program delivery. A cross-site scripting vulnerability exists in IBM Curam SPM. A remote attacker could exploit this vulnerability to inje...

PYSEC-2017-17

Multiple cross-site scripting XSS vulnerabilities in the administration pages in Kallithea before 0.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 first name or 2 last name user details, or the 3 repository, 4 repository group, or 5 user group description...