CVE-2019-3963

In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the patientid parameter. This could allow an attacker to execute arbitrary code in the context of a user's session...

The vulnerability of Websoft HCM’s automation software for HR processes stems from insufficient validation of input data, allowing attackers to execute the displayed HTML code.

The vulnerability of Websoft HCM’s automation software for HR processes is related to insufficient verification of entered data. Exploiting this vulnerability allows a malicious actor to execute arbitrary reflected HTML code remotely...

CVE-2024-49210

Reflected XSS was discovered in an iView List Archer Platform UX page in Archer Platform 6.x before version 2024.09. A remote unauthenticated attacker could potentially exploit this by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web...

CVE-2022-40626

CVE-2022-40626 is a reflected XSS vulnerability in Zabbix Frontend. An unauthenticated user can craft a link with JavaScript in the backurl parameter and send it to authenticated users, enabling creation of a fake account with predefined login, password and role. Affected software: Zabbix Fronten...

CVE-2020-8194

Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download...

CVE-2020-8194

CVE-2020-8194 affects Citrix ADC and Citrix NetScaler Gateway (and Citrix SD-WAN WANOP family) with a remote code injection flaw described as reflected code injection. Affected versions include Citrix ADC/NetScaler Gateway before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14, and 10.5-70.18, and...