JSF: XSS due to insufficient escaping of user-supplied content in outputText tags and EL expressions

It was found that Mojarra JavaServer Faces did not properly escape user-supplied content in certain circumstances. Contents of outputText tags and raw EL expressions that immediately follow script or style elements were not escaped. A remote attacker could use a specially crafted URL to execute...

Mozilla Firefox Multiple Vulnerability July-08 (Windows)

The host is installed with Mozilla Firefox browser, that is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbfirefoxmultvulnjuly08win.nasl 6519 2017-07-04 14:08:14Z cfischer $ Mozilla Firefox Multiple Vulnerability July-08 Windows Authors: Chandan S Copyright: Copyright c 2008...

CVE-2006-5703

Cross-site scripting XSS vulnerability in tiki-featuredlink.php in Tikiwiki 1.9.5 allows remote attackers to inject arbitrary web script or HTML via a url parameter that evades filtering, as demonstrated by a parameter value containing malformed, nested SCRIPT elements...