WordPress Contact Us Page - Contact People plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Contact Us Page - Contact People plugin, which stems from insufficient input cleanup and escaping, and can be...

PT-2025-26694 · Unknown · Wrc-1167Ghbk2-S

Name of the Vulnerable Software and Affected Versions: WRC-1167GHBK2-S affected versions not specified Description: The issue is a stored cross-site scripting vulnerability in the WebGUI of the product. If exploited, an arbitrary script may be executed on the web browser of the user who accessed...

CVE-2025-6512

On a client with a non-admin user, a script can be integrated into a report. The reports could later be executed on the BRAIN2 server with administrator rights...

JetBrains TeamCity 跨站脚本漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. JetBrains TeamCity suffers from a cross-site...

JetBrains TeamCity 跨站脚本漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...

Cross-site Scripting (XSS)

Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Activity Feed Attachments endpoint. An attacker can execute arbitrary scripts in the context of...

WordPress plugin 3D FlipBook 跨站脚本漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin FlipBook 1.16.15 and previous versions exist cross-site scripting vulnerability, the...

WordPress plugin Automatically Hierarchic Categories in Menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Automatically Hierarchic Categories in Menu plugin, which stems from the application's lack of effective filtering a...

WordPress plugin CP Polls 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress CP Polls plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, whi...

Rail Pass Management System /contact.php file cross-site scripting vulnerability

Rail Pass Management System is a rail pass management system. A cross-site scripting vulnerability exists in Rail Pass Management System due to improper handling of the parameter Name in the /contact.php file. The vulnerability can be exploited by an attacker to execute malicious scripts on an...

Rail Pass Management System /admin/aboutus.php file cross-site scripting vulnerability

Rail Pass Management System is a rail pass management system. The Rail Pass Management System suffers from a cross-site scripting vulnerability that occurs due to unfiltered pagedes parameters of an unknown function in the /admin/aboutus.php file. The vulnerability can be exploited by an attacker...

OpenList (frontend) allows XSS Attacks in the built-in Markdown Viewer

XSS via .py file containing script tag interpreted as HTML Summary A vulnerability exists in the file preview/browsing feature of the application, where files with a .py extension that contain JavaScript code wrapped in tags may be interpreted and executed as HTML in certain modes. This leads to ...

CVE-2025-45661

A cross-site scripting XSS vulnerability in miniTCG v1.3.1 beta allows attackers to execute abritrary web scripts or HTML via injecting a crafted payload into the id parameter at /members/edit.php...

firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Error handling for script execution is incorrectly isolated from web content, which could allow cross-origin leak attacks...

WordPress Backup and Staging by WP Time Capsule plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Backup and Staging by WP Time Capsule plugin that stems from improper input neutralization and can be exploited by a...

Astra Linux - уязвимость в git

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Error handling for script execution is incorrectly isolated from web content, which could allow cross-origin leak attacks...

firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Error handling for script execution is incorrectly isolated from web content, which could allow cross-origin leak attacks...

firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Error handling for script execution is incorrectly isolated from web content, which could allow cross-origin leak attacks...

firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Error handling for script execution is incorrectly isolated from web content, which could allow cross-origin leak attacks...