3 matches found
CVE-2024-33328
A cross-site scripting XSS vulnerability in the component main.jsp of Lumisxp v15.0.x to v16.1.x allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the pageId parameter...
GHSA-4GFX-P2J4-W2VH Alkacon OpenCMS XSS via title and requestedResource parameters
Multiple cross-site scripting XSS vulnerabilities in Alkacon OpenCms before 8.5.2 allow remote attackers to inject arbitrary web script or HTML via the 1 title parameter to system/workplace/views/admin/admin-main.jsp or the 2 requestedResource parameter to system/login/index.html...
SearchBlox Reflective Cross-Site Scripting Vulnerability
SearchBlox is an enterprise search solution built on Lucene. SearchBlox suffers from a reflected cross-site scripting vulnerability. Because input passed to the "/searchblox/admin/main.jsp" script via the "menu2" HTTP GET parameter is not properly filtered before being returned to the user, a...