CVE-2022-50681

A reflected cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via administration input fields in the Rich text editor component. Attackers can exploit this vulnerability to execute arbitrary scripts in users' browsers...

PT-2025-52303

Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description A reflected cross-site scripting issue exists in Kentico Xperience. This allows attackers to inject malicious scripts through administration input fields within the Rich text editor...

CVE-2025-41036

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAdmindescription', 'dataAdminfname' and 'dataAdminlname' parameters in /apprain/admin/account/edit...

CVE-2025-41036

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAdmindescription', 'dataAdminfname' and 'dataAdminlname' parameters in /apprain/admin/account/edit...

CVE-2022-23321

A persistent cross-site scripting XSS vulnerability exists on two input fields within the administrative panel when editing users in the XMPie UStore application on version 12.3.7244.0...

Cxuucms 跨站脚本漏洞

CxuuCms is an easy-to-use, open source PHP+Mysql based content management system. A cross-site scripting vulnerability exists in CXUUCMS V3. An attacker can exploit this vulnerability to conduct cross-site scripting attacks via the first and third input fields of /public/admin.php...

CVE-2006-1775

Multiple cross-site scripting XSS vulnerabilities in phpBB 2.0.19 allow remote attackers to inject arbitrary web script or HTML via the 1 Site Description field in a adminboard.php, the 2 Group name and 3 Group description fields in b admingroups.php and c groupcp.php, the 4 Theme Name field in d...