CVE-2021-41467

Cross-site scripting XSS vulnerability in application/controllers/dropbox.php in JustWriting 1.0.0 and below allow remote attackers to inject arbitrary web script or HTML via the challenge parameter...

CVE-2017-7871

trollepierre/tdm before 2017-04-13 is vulnerable to a reflected XSS in tdm-master/webhook.php challenge parameter...

Cross-site scripting in application/controllers/dropbox.php in JustWriting

Cross-site scripting XSS vulnerability in application/controllers/dropbox.php in JustWriting 1.0.0 and below allow remote attackers to inject arbitrary web script or HTML via the challenge parameter...