3 matches found
CVE-2020-36960
Forma LMS 2.3 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts into user profile first and last name fields. Attackers can craft scripts like '' to execute arbitrary JavaScript when the profile is viewed by other users...
PT-2025-39857
Name of the Vulnerable Software and Affected Versions MyCourts version 3 Description A stored cross-site scripting XSS issue exists in the LTA number profile field of the MyCourts v3 application. An attacker can inject arbitrary JavaScript code into their profile. This code will then execute in t...
CVE-2018-6655
PHP Scripts Mall Doctor Search Script 1.0.2 has Stored XSS via an arbitrary profile field...