2 matches found
Cross site scripting
Multiple Cross Site Scripting XSS Vulnerabilities in ClipBucket v2.8.1 and probably prior allow Remote Attackers to inject arbitrary web script or HTML via 1 profiledesc, aboutme, schools, occupation, companies, hobbies, favmovies, favmusic, favbooks parameters to ProfileSettings page; 2 note...
CVE-2015-4673
CVE-2015-4673 (ClipBucket) involves multiple XSS vulnerabilities in ClipBucket 2.7.0.5, where authenticated users can inject arbitrary scripts/HTML via (1) collection_description in upload/manage_collections.php (add_new action) and (2) photo_description, (3) photo_tags, or (4) photo_title in upl...