e-Excellence U-Office Force 跨站脚本漏洞

e-Excellence U-Office Force is an e-Office platform from China's First Class Technology e-Excellence. U-Office Force suffers from a cross-site scripting vulnerability that stems from insufficient filtering of special characters in its Buletin feature, which allows an unauthenticated, remote...

Ragic 跨站脚本漏洞

Ragic is a No Code enterprise e-enablement tool from China Immediate Technology Ragic. A cross-site scripting vulnerability exists in versions of Ragic prior to 2022/06/28, which stems from insufficient filtering of special characters on the report generation page and can be exploited by a remote...

CVE-2022-40184

Incomplete filtering of JavaScript code in different configuration fields of the web based interface of the VIDEOJET multi 4000 allows an attacker with administrative credentials to store JavaScript code which will be executed for all administrators accessing the same configuration option...

CVE-2022-36783 AlgoSec – FireFlow Reflected Cross-Site-Scripting (RXSS)

AlgoSec – FireFlow Reflected Cross-Site-Scripting RXSS A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user victim. JavaScript code is executed on...

Hospital Management System 跨站脚本漏洞

Hospital Management System HMS is a computer system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. hospital Management System v4.0 is vulnerable to a cross-site scripting vulnerability that originates in the add-patient. php file, severa...

Hospital Management System 跨站脚本漏洞

Hospital Management System HMS is a computer system that helps manage health care-related information and helps health care providers do their jobs efficiently. hospital Management System v4.0 contains a cross-site scripting vulnerability that originates in the view-patient .php and...

CVE-2022-42236

A Stored XSS issue in Merchandise Online Store v.1.0 allows to injection of Arbitrary JavaScript in edit account form...

CVE-2022-42236

A Stored XSS issue in Merchandise Online Store v.1.0 allows to injection of Arbitrary JavaScript in edit account form...

Cross site scripting

A Stored XSS issue in Merchandise Online Store v.1.0 allows to injection of Arbitrary JavaScript in edit account form...

CVE-2022-40180

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

CVE-2022-40182

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

CVE-2022-42236

A Stored XSS issue in Merchandise Online Store v.1.0 allows to injection of Arbitrary JavaScript in edit account form...

PT-2022-26323 · Unknown · Student Clearance System

Name of the Vulnerable Software and Affected Versions: Student Clearance System version 1.0 Description: A Stored XSS issue allows the injection of arbitrary JavaScript in the Student registration form. Recommendations: For version 1.0, update the Student registration form to properly sanitize us...

CVE-2022-42235

A Stored XSS issue in Student Clearance System v.1.0 allows the injection of arbitrary JavaScript in the Student registration form...

CVE-2022-42235

A Stored XSS issue in Student Clearance System v.1.0 allows the injection of arbitrary JavaScript in the Student registration form...

Google Chrome 103.0.5060.53 Autofill Assistant Universal Cross Site Scripting Vulnerability

Chrome: Universal XSS in Autofill Assistant VULNERABILITY DETAILS From the Autofill Assistant README file1: Autofill Assistant is an execution engine to run user journeys on websites given a set of actions. These actions include clicking on buttons or scrolling to an element. They also provide a...

Google Chrome 103.0.5060.53 Autofill Assistant Universal Cross Site Scripting

Chrome: Universal XSS in Autofill Assistant VULNERABILITY DETAILS From the Autofill Assistant README file1: Autofill Assistant is an execution engine to run user journeys on websites given a set of actions. These actions include clicking on buttons or scrolling to an element. They also provide a...

CVE-2021-42046

An issue was discovered in the GlobalWatchlist extension in MediaWiki through 1.36.2. The rev-deleted-user and ntimes messages were not properly escaped and allowed for users to inject HTML and JavaScript...

CVE-2022-39053

Heimavista Rpage has insufficient filtering for platform web URL. An unauthenticated remote attacker can inject JavaScript and perform XSS Reflected Cross-Site Scripting attack...

Cross site scripting

Cowell enterprise travel management system has insufficient filtering for special characters within web URL. An unauthenticated remote attacker can inject JavaScript and perform XSS Reflected Cross-Site Scripting attack...