CVE-2019-3963

In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the patientid parameter. This could allow an attacker to execute arbitrary code in the context of a user's session...

CVE-2024-49210

Reflected XSS was discovered in an iView List Archer Platform UX page in Archer Platform 6.x before version 2024.09. A remote unauthenticated attacker could potentially exploit this by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web...

CVE-2022-40626

CVE-2022-40626 is a reflected XSS vulnerability in Zabbix Frontend. An unauthenticated user can craft a link with JavaScript in the backurl parameter and send it to authenticated users, enabling creation of a fake account with predefined login, password and role. Affected software: Zabbix Fronten...

CVE-2020-8194

Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download...

CVE-2020-8194

CVE-2020-8194 affects Citrix ADC and Citrix NetScaler Gateway (and Citrix SD-WAN WANOP family) with a remote code injection flaw described as reflected code injection. Affected versions include Citrix ADC/NetScaler Gateway before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14, and 10.5-70.18, and...