CVE-2015-5734

Cross-site scripting XSS vulnerability in the legacy theme preview implementation in wp-includes/theme.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a crafted string...

Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2015-07411)

Mozilla Firefox is an open source web browser. A cross-site scripting vulnerability exists in Mozilla Firefox for Android-based platforms that fails to properly restrict URL strings in Android intents, allowing remote attackers to exploit the vulnerability to inject malicious script or HTML code...

Cisco Social Miner Cross-Site Scripting Vulnerability

Cisco Social Miner is the United States Cisco Cisco a set of customer service systems, providing user information collection, filtering, process processing, statistical reporting and other functions. A cross-site scripting vulnerability exists in Cisco Social Miner 10.0. It allows remote attacker...

Multiple Cross-Site Scripting Vulnerabilities in Fortinet FortiManager (CNVD-2015-07355)

Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices and can group devices into different management domains ADOM to further simplify multi-device security deployment and managemen...

Multiple cross-site scripting vulnerabilities in Fortinet FortiManager (CNVD-2015-07354)

Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices and can group devices into different management domains ADOM to further simplify multi-device security deployment and managemen...

Cisco ACS Solution Engine Cross-Site Scripting Vulnerability

Cisco Secure Access Control Server ACS is a security access control server from Cisco, Inc.Solution Engine is one of the server engine solutions. Cisco Secure Access Control Server ACS version 5.70.15, an XSS vulnerability exists in the web interface of Solution Engine. A remote attacker could...

Cisco FireSight Management Center Cross-Site Scripting Vulnerability

Cisco FireSIGHT Management Center MC is the United States Cisco Cisco company's set of centralized on the Cisco ASA with FirePOWER Services and Cisco FirePOWER network security equipment management management center software. A cross-site scripting vulnerability exists in Cisco FireSight MC...

CVE-2015-5667

Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment...

Janitza UMG has multiple cross-site scripting vulnerabilities

The Janitza UMG is an online power quality monitor for the energy industry from Janitza Germany. The Janitza UMG 508, 509, 511, 604, 605, suffers from multiple cross-site scripting vulnerabilities. This allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Infinite Automation Mango Automation Cross-Site Scripting Vulnerability

Infinite Automation Mango Automation is the United States Infinite Automation Systems, Inc. of a set of open source Web-based SCADA data acquisition and supervisory control, HMI and automation software. A cross-site scripting vulnerability exists in Infinite Automation Mango Automation 2.5.x and...

Multiple Cross-Site Scripting Vulnerabilities in Nordex NC2

Nordex Control 2 is a web-based SCADA system for wind power stations. Multiple cross-site scripting vulnerabilities exist in the Nordex Control 2 NC2 SCADA 16 and earlier versions, Wind Farm Portal application. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTM...

CVE-2015-6477

Multiple cross-site scripting XSS vulnerabilities in the Wind Farm Portal application in Nordex Control 2 NC2 SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1812...

Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2015-06712)

Revive Adserver is an open source ad management system from the Revive Adserver team. A cross-site scripting vulnerability exists in the plugin upgrade form of Revive Adserver versions prior to 3.2.2, which can be exploited by a remote attacker to inject arbitrary Web script or HTML with the help...

Microsoft SharePoint Cross-Site Scripting Vulnerability (CNVD-2015-06635)

Microsoft SharePoint Server and SharePoint Foundation are both business collaboration platforms from Microsoft Corporation. A cross-site scripting vulnerability exists in Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1. A remote attacker can exploit this vulnerability to...

WordPress Appointment Booking Calendar Plugin Cross-Site Scripting Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Software Foundation, and Appointment Booking Calendar is one of the appointment calendar plugins. A cross-site scripting vulnerability exists in the cpabcappointmentsadminintbookingslist.inc.php script in...

Web Reference Database and bleeding-edge cross-site scripting vulnerabilities

Web Reference Database a.k.a. refbase is a web-based multi-user interface product developed by the refbase community to provide search tools and automated indexing for the management of scientific literature. bleeding-edge is a downloadable version. A cross-site scripting vulnerability exists in...

IBM Emptoris Supplier Lifecycle Management and Emptoris Program Management Cross-Site Scripting Vulnerabilities

IBM Emptoris Supplier Lifecycle Management is a suite of supply chain lifecycle management programs from IBM in the United States. A cross-site scripting vulnerability in IBM Emptoris Supplier Lifecycle Management and Emptoris Program Management allows remote attackers to inject arbitrary web...

WordPress Gallery - Photo Albums - Portfolio plugin cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Gallery - Photo Albums - Portfolio is a combination plugin for creating photo galleries, photo albums and rotating video and audio. A cross-site scripting...

Web Reference Database Cross-Site Scripting Vulnerability

Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. Multiple scripts in Web Reference Database fail to adequately filter multiple parameters, allowing remote attackers to exploit vulnerabilities t...