CVE-2013-7275

Cross-site scripting XSS vulnerability in misc.php in MyBB aka MyBulletinBoard before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via the editor parameter in a smilie list popup...

CVE-2013-7231

Cross-site scripting XSS vulnerability in the Mobile Content Server in ESRI ArcGIS for Server 10.1 and 10.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-5222...

CVE-2013-3589

Cross-site scripting XSS vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter...

CVE-2013-3652

Cross-site scripting XSS vulnerability in data/class/pages/products/LCPageProductsList.php in LOCKON EC-CUBE 2.11.0 through 2.12.4 allows remote attackers to inject arbitrary web script or HTML via vectors involving the classcategoryid2 field, a different vulnerability than CVE-2013-3653...

CVE-2013-1749

Cross-site scripting XSS vulnerability in edit.php in PHP Address Book 8.2.5 allows user-assisted remote attackers to inject arbitrary web script or HTML via the Address field...

CVE-2013-1159

Cross-site scripting XSS vulnerability in the Netcool Impact NCI web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud56706...

CVE-2013-6794

Cross-site scripting XSS vulnerability in the Calendar module in Olat 7.8.0.1 b20130821 N1 allows remote attackers to inject arbitrary web script or HTML via the Location field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2013-2309

Cross-site scripting XSS vulnerability in the management screen in OpenPNE 3.4.x before 3.4.21.1, 3.6.x before 3.6.9.1, and 3.8.x before 3.8.5.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving the "mobile version color scheme."...

CVE-2013-2583

Multiple cross-site scripting XSS vulnerabilities in Open-Xchange AppSuite and Server before 6.20.7 rev16, 6.22.0 before rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allow remote attackers to inject arbitrary web script or HTML via 1 a javascript: URL, 2 malformed nested...

CVE-2013-4705

Cross-site scripting XSS vulnerability in Opera before 15.00 allows remote attackers to inject arbitrary web script or HTML by leveraging UTF-8 encoding...

CVE-2013-4620

Cross-site scripting XSS vulnerability in interface/main/onotes/officecommentsfull.php in OpenEMR 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the note parameter...

CVE-2017-1000457

Cross-site scripting XSS vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter. Exploitation requires authenticated reflected cross-site scripting for user accounts assigned either the "Administrators" or...

CVE-2019-9541

: Information Exposure vulnerability in itemlookup.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session. This issue affects: Telos Automated Message Handling System versions prior to 4.1.5.5...

CVE-2019-20154

An issue was discovered in Determine formerly Selectica Contract Lifecycle Management CLM v5.4. A cross-site scripting XSS vulnerability in multiple getchart.jsp parameters allows remote attackers to inject arbitrary web script or HTML...

CVE-2019-17524

An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the "Connected Clients" field to /wlanAccess.asp. An intranet host can use a crafted hostname to exploit this...

CVE-2011-3384

Cross-site scripting XSS vulnerability in the Sage add-on 1.3.10 and earlier for Firefox allows remote attackers to inject arbitrary web script or HTML via a crafted feed, a different vulnerability than CVE-2009-4102...

CVE-2011-2410

Cross-site scripting XSS vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-2509

Multiple cross-site scripting XSS vulnerabilities in Joomla! before 1.6.4 allow remote attackers to inject arbitrary web script or HTML via 1 the query string to the comcontact component, as demonstrated by the Itemid parameter to index.php; 2 the query string to the comcontent component, as...

CVE-2015-6510

Multiple cross-site scripting XSS vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 srctrack, 2 usemfstmpsize, or 3 usemfsvarsize parameter to systemadvancedmisc.php; the 4 port, 5 snaplen, or 6 count parameter to diagpacketcapture.php...

CVE-2015-8037

Multiple cross-site scripting XSS vulnerabilities in the Graphical User Interface GUI in Fortinet FortiManager before 5.2.4 allow remote attackers to inject arbitrary web script or HTML via the 1 SOMVpnSSLPortalDialog or 2 FGDMngUpdHistory...