powermail extension for TYPO3 has Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in the powermail extension before 1.6.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

GHSA-GW2Q-CGVQ-9G3V Roundup Cross-site scripting (XSS) vulnerability

Cross-site Scripting XSS vulnerability in cgi/client.py in Roundup before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the @action parameter to support/issue1...

GHSA-MCCQ-3M7H-FJXG Roundup Cross-site Scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the history display in Roundup before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via a username, related to generating a link...

GHSA-4MM3-XGC2-656R Static Methods since 2007 (div2007) extension for TYPO3 vulnerable to Cross-site Scripting

Cross-site scripting XSS vulnerability in the Static Methods since 2007 div2007 extension before 0.10.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the t3libdiv::quoteJSvalue function...

PT-2022-16185 · Aruba · Aruba Clearpass Policy Manager

Name of the Vulnerable Software and Affected Versions: Aruba ClearPass Policy Manager versions 6.10.4 and below Aruba ClearPass Policy Manager versions 6.9.9 and below Aruba ClearPass Policy Manager versions 6.8.9-HF2 and below Aruba ClearPass Policy Manager versions 6.7.x and below Description: ...

vamoscycling.com Cross Site Scripting vulnerability OBB-2620156

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

recintosertanejo.com Cross Site Scripting vulnerability OBB-2620076

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

GHSA-3XJQ-8J89-XRW9 Jenkins Badge Plugin cross-site scripting vulnerability

A persisted cross-site scripting vulnerability exists in Jenkins Badge Plugin 1.4 and earlier in BadgeSummaryAction.java, HtmlBadgeAction.java that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user...

GHSA-CHVW-GJXF-F8MC Plone vulnerable to Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in the ZMI page in Zope2 in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

GHSA-GGJM-7M5F-7XJV MantisBT allows XSS via the Manage Filter page

A cross-site scripting XSS vulnerability in the Manage Filters page managefilterpage.php in MantisBT 2.1.0 through 2.17.1 allows remote attackers if access rights permit it to inject arbitrary code if CSP settings permit it through a crafted project name...

CVE-2022-29433 https://patchstack.com/database/vulnerability/nd-donations/wordpress-donations-plugin-1-8-authenticated-stored-cross-site-scripting-xss-vulnerability

Authenticated contributor or higher role Cross-Site Scripting XSS vulnerability in Donations plugin = 1.8 on WordPress...

Moodle Cross-site Scripting

An issue was discovered in Moodle 3.x. An authenticated user is allowed to add HTML blocks containing scripts to their Dashboard; this is normally not a security issue because a personal dashboard is visible to this user only. Through this security vulnerability, users can move such a block to...

YUI Cross-site Scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 3.2.0 through 3.9.1, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.1, and other products, allows remote attackers to inject arbitrary we...

Cross site scripting

A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0...

rodneyparkdds.com Cross Site Scripting vulnerability OBB-2616032

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

erp.sertronics.nl Cross Site Scripting vulnerability OBB-2614725

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

dauntless-soft.com Cross Site Scripting vulnerability OBB-2614654

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

soralven-camping.com Cross Site Scripting vulnerability OBB-2612758

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

sharonmorgenstern.com Cross Site Scripting vulnerability OBB-2612091

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ml.hasiru.net Cross Site Scripting vulnerability OBB-2610306

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...