CVE-2022-36121

Blue Prism Enterprise 6.0–7.01 is affected by a vulnerability that exists when the Blue Prism Application server is misconfigured, allowing an authenticated user to reverse engineer the software and bypass access controls on the UpdateOfflineHelpData function. This enables changing the offline he...

Cross-site Scripting (XSS)

eclipse-emf is vulnerable to cross-site scripting XSS. The vulnerability exists as an attacker could use this flaw to perform a cross-site scripting attack against victims by tricking them into visiting a specially-crafted Eclipse Help URL...

Joomla! 2.5.x < 3.9.2 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - Stored XSS in modbanners affects Joomla 2.5.0 through 3.9.1 - Stored XSS in comcontact affects Joomla 2.5.0 through 3.9.1 - Stored XSS issue in the Global Configuration...

Design/Logic Flaw

Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll...

CVE-2013-3893

Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll...

Cross site scripting

Cross-site scripting XSS vulnerability in Help Viewer in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted help: URL, related to "URL parameters in HTML content."...