CVE-2024-9219

The WordPress Social Share Buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.19. This makes it possible for unauthenticated attackers to inject arbitrary web...

PT-2022-24681 · U-Office · U-Office

Name of the Vulnerable Software and Affected Versions: U-Office affected versions not specified Description: The issue is related to insufficient filtering for special characters in the Force PrintMessage function. This allows an unauthenticated remote attacker to inject JavaScript, potentially...

Visa Europe Cross Site Scripting

Visa Europe Official Website Vulnerability ============================================= Published Report: 07/02/2014 Credits: Advanced Information Security Corporation, USA Severity: High/Critical OWASP TOP 10 CVSS: 7.0 Type: Web Application / Reflected Cross-Site Scripting Attack. Author:...

Oracle WebCenter Content idc/idcplg Multiple Parameter XSS

Oracle WebCenter Content script '/idc/idcplg' contains several parameters that are incorrectly filtered, including 'sltPageTitle' and 'redirectPageTitle'. This makes the WebCenter Content install susceptible to a reflected cross-site scripting attack. By tricking someone into clicking on a...