CVE-2016-5148

Cross-site scripting XSS vulnerability in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML via vectors related to widget updates, aka "Universal XSS UXSS."...

CVE-2016-7033

Multiple cross-site scripting XSS vulnerabilities in the admin pages in dashbuilder in Red Hat JBoss BPM Suite 6.3.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-5721

Multiple cross-site scripting XSS vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-6365

Cross-site scripting XSS vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518...

CVE-2016-6359

Cross-site scripting XSS vulnerability in Cisco Transport Gateway Installation Software 4.14.0 on Smart Call Home Transport Gateway devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug IDs CSCva40650 and CSCva40817...

CVE-2016-3195

Cross-site scripting XSS vulnerability in the Web-UI in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-3194

Cross-site scripting XSS vulnerability in the address added page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-4168

Cross-site scripting XSS vulnerability in Adobe Experience Manager 5.6.1, 6.0, and 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Tenable Network Security Tenable Nessus Cross-Site Scripting Vulnerability (CNVD-2016-06082)

Tenable Network Security Tenable Nessus is an open source vulnerability scanner from Tenable Network Security, USA. A cross-site scripting vulnerability exists in versions of Tenable Network Tenable Nessus prior to 6.8, which stems from the software failing to properly filter user-submitted input...

CVE-2016-4833

Cross-site scripting XSS vulnerability in the Nofollow Links plugin before 1.0.11 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Novell Filr Cross-Site Scripting Vulnerability (CNVD-2016-05959)

Novell Filr is a file access and sharing solution for the enterprise from Novell, USA. A cross-site scripting vulnerability exists in Novell Filr 1.2 Security Update 2 and earlier and 2.0 Security Update 1 and earlier. The vulnerability can be exploited by a remote attacker to inject arbitrary we...

Collectd-web 'ajax_post.php' cross-site scripting vulnerability

Collectd-web is a set of web-based front-end tools for collectd to collect RRD data. Collectd-web suffers from a cross-site scripting vulnerability that allows remote attackers to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user sessions when...

Cisco WebEx Meetings Server Cross-Site Scripting Vulnerability (CNVD-2016-04942)

Cisco WebEx Meetings Server CWMS is the United States Cisco Cisco WebEx meeting program in a set of multifunctional meeting solutions that include audio, video and Web conferencing. A cross-site scripting vulnerability exists in Cisco WebEx Meetings Server CWMS version 2.6. A remote attacker can...

IBM Jazz Reporting Service (JRS) Cross-Site Scripting Vulnerability

IBM Jazz Reporting Service is an optional component of IBM Rational Reporting for Development Intelligence. IBM Jazz Reporting Service JRS has a cross-site scripting vulnerability in the Report Builder and Data Collection Component DCC implementations. A remote attacker could exploit this...

PT-2016-5990 · Bosch Rexroth · Bladecontrol-Webvis

Name of the Vulnerable Software and Affected Versions: Rexroth Bosch BLADEcontrol-WebVIS versions 3.0.2 and earlier Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via unspecified vectors, potentially leading to...

IBM Cognos Business Intelligence Cognos TM1 Cross-Site Scripting Vulnerability

IBM Cognos Business Intelligence BI is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in making adjustments to their decisions by analyzing key factors and key stakeholders, etc. IBM Cogn...

phpMyAdmin cross-site scripting vulnerability (CNVD-2016-04565)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A cross-site scripting vulnerability exists in...

CVE-2016-2862

Cross-site scripting XSS vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11, 7.0 before 7.0.0.9 cumulative iFix 3, and 8.0 before 8.0.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

DEBIAN-CVE-2016-5733

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a crafted table name that is mishandled during privilege checking in...

UBUNTU-CVE-2016-5733

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a crafted table name that is mishandled during privilege checking in...