PT-2026-39605

A reflected cross-site scripted XSS vulnerability in the dfm-menu maintenance.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

CVE-2025-61311

CVE-2025-61311 describes a reflected XSS in the dfm-menu_alerts.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c. The underlying issue is an unfiltered variable value that allows arbitrary JavaScript execution in a user’s browser. Affected software is docuForm 11.11c; the vu...

CVE-2023-45137 XWiki Platform XSS with edit right in the create document form for existing pages

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. org.xwiki.platform:xwiki-platform-web starting in version 3.1-milestone-2 and prior to version 13.4-rc-1, as well as org.xwiki.platform:xwiki-platform-web-templates prior to versions 14.10.12...

PT-2022-10753 · Softvibe · Softvibe Saraban For Infoma

Name of the Vulnerable Software and Affected Versions: SoftVibe SARABAN for INFOMA version 1.1 Description: The issue allows users to store scripts in certain fields, such as subject and description, of the document form, enabling stored cross-site scripting XSS. Recommendations: For SoftVibe...