Cross-Site Scripting Vulnerability in Multiple F5 Products

F5 BIG-IP LTM, etc. are products of F5 USA.LTM is a local traffic manager; APM is a set of solutions that provide secure and unified access to business-critical applications and networks. A cross-site scripting vulnerability exists in several F5 products, which can be exploited by remote attacker...

CVE-2016-5892

Cross-site scripting XSS vulnerability in IBM 10x, as used in Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications before 1.0.0.52, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-4380

Cross-site scripting XSS vulnerability in the AdminUI in HPE Operations Manager 9.21.x before 9.21.130 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

Oxwall Forum v1.8.1 - Persistent Cross Site Vulnerability

Document Title: =============== Oxwall Forum v1.8.1 - Persistent Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1740 Release Date: ============= 2016-02-22 Vulnerability Laboratory ID VL-ID: ====================================...

ownCloud Server OCS discovery provider component cross-site scripting vulnerability

OwnCloud is a free and open source personal cloud storage solution from the German company OwnCloud; OwnCloud Server is a server version. ocs discovery provider is one of the ocs discovery provider component . A cross-site scripting vulnerability exists in the OCS discovery provider component of...

IBM WebSphere eXtreme Scale Cross-Site Scripting Vulnerability

IBM WebSphere eXtreme Scale is a distributed caching solution. A cross-site scripting vulnerability exists in IBM WebSphere Extreme Scale, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to gain access to sensitive information ...

WordPress Salient theme cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language, the platform supports personal blog sites on servers with PHP and MySQL.Salient is a work display theme. The WordPress Salient theme suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the...

Drupal Navigate module cross-site scripting vulnerability

Drupal is a free, open-source content management system developed in the PHP language.Navigate is one of the customizable navigation modules that supports rapid deployment. A cross-site scripting vulnerability exists in the Drupal Navigate module, which allows remote attackers to exploit the...

CVE-2014-0046

Cross-site scripting XSS vulnerability in the link-to helper in Ember.js 1.2.x before 1.2.2, 1.3.x before 1.3.2, and 1.4.x before 1.4.0-beta.6, when used in non-block form, allows remote attackers to inject arbitrary web script or HTML via the title attribute...

CVE-2013-0259

Cross-site scripting XSS vulnerability in the Boxes module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with administer or edit boxes permissions to inject arbitrary web script or HTML via the subject parameter...

CVE-2010-2000

Cross-site scripting XSS vulnerability in the Bibliography Biblio module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privileges, to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than...

CVE-2009-4429

Cross-site scripting XSS vulnerability in the Sections module 5.x before 5.x-1.3 and 6.x before 6.x-1.3 for Drupal allows remote authenticated users with "administer sections" privileges to inject arbitrary web script or HTML via a section name aka the Name field...

cross-site scripting through window.controllers — Mozilla

shutdown demonstrated how to use the window.controllers array to bypass same-origin protections, allowing a malicious site to inject script into content from another site. This could allow the malicious page to steal information such as cookies or passwords from the other site, or perform...

security flaw

Cross-site scripting XSS vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to inject arbitrary web script or HTML via certain integer variables...