GHSA-JJWG-4948-6WXP DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer

A content editor could inject scripts in module headers/footers that would run for other users...

CVE-2025-62295 Stored XSS in SOPlanning

SOPlanning is vulnerable to Stored XSS in /groupeform endpoint. Malicious attacker with medium privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when opening editor. This issue was fixed in version 1.55...

CVE-2025-57205

iNiLabs School Express SMS Express 6.2 is affected by a Stored Cross-Site Scripting XSS vulnerability in the content-management features available to authenticated admin users. The vulnerability resides in POSTed editor parameters submitted to the /posts/edit/id endpoint and similarly in Notice a...

SUSE-SU-2017:2302-1 Security update for MozillaFirefox

Mozilla Firefox was updated to the ESR 52.3 release bsc1052829 Following security issues were fixed: MFSA 2017-19/CVE-2017-7807: Domain hijacking through AppCache fallback MFSA 2017-19/CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts MFSA 2017-19/CVE-2017-779...