DEBIAN-CVE-2010-2479

Cross-site scripting XSS vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other products, when the browser is Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross-Site Scripting Vulnerability in Interstage Portalworks and Interstage Interaction Manager Portal Function

Overview The portal function of Interstage Portalworks and Interstage Interaction Manager is vulnerable to cross-site scripting. Impact A remote attacker could execute arbitrary scripts on the affected browser. Solution Please refer to the 'Vendor Information' section for the official...

CVE-2010-2355

Cross-site scripting XSS vulnerability in error.php in Pilot Group PG eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2010-2273

Multiple cross-site scripting XSS vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to...

DEBIAN-CVE-2010-2275

Cross-site scripting XSS vulnerability in dijit/tests/testCommon.js in Dojo Toolkit SDK before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the theme parameter, as demonstrated by an attack against dijit/tests/form/testButton.html...

CVE-2010-2040

Cross-site scripting XSS vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allows remote attackers to inject arbitrary web script or HTML via the s parameter...

CVE-2010-2030

Cross-site scripting XSS vulnerability in the External Link Page module 5.x before 5.x-1.0 and 6.x before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to the administration and redirect pages...

UBUNTU-CVE-2010-1195

Cross-site scripting XSS vulnerability in the htmlscrubber component in ikiwiki 2.x before 2.53.5 and 3.x before 3.20100312 allows remote attackers to inject arbitrary web script or HTML via a crafted data:image/svg+xml URI...

CVE-2009-4694

RadScripts RadLance Gold 7.5 is affected by CVE-2009-4694: an XSS vulnerability in index.php via the fid parameter in a view_forum action. The vulnerability permits remote script/HTML injection, potentially impacting user sessions. According to NVD, the CVSS2 base score is 4.3 (Medium) with vecto...

CVE-2010-0726

Cross-site scripting XSS vulnerability in the tb-send.rb TrackBack transmission plugin in tDiary 2.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors, possibly related to the 1 plugintburl and 2 plugintbexcerpt parameters...

CVE-2009-4589

Cross-site scripting XSS vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote attackers to inject arbitrary web script or HTML via the ip parameter...

DEBIAN-CVE-2008-7250

Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.4 allows remote attackers to inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: this issue exists...

Xss Discuz! version 5.0.0 RC1

No description provided by source. Xss Discuz! version 5.0.0 RC1 Author: SpiderZ Sito: http://www.spiderz.altervista.org Sito2: https://www.spiderz.netsons.org Download Board : http://www.discuz.com File: usearch.html ?site=www.discuz.net&kw= Message Script:...

PT-2009-4833 · Red Hat · Red Hat Jboss Enterprise Application Platform

Name of the Vulnerable Software and Affected Versions: Red Hat JBoss Enterprise Application Platform versions 4.2.0 through 4.2.0.CP07, 4.2.2GA and earlier, 4.3 versions prior to 4.3.0.CP07, 5.1.0GA and earlier Description: The issue affects the Web Console in the Application Server, allowing...

CVE-2009-3618

Cross-site scripting XSS vulnerability in viewvc.py in ViewVC 1.0 before 1.0.9 and 1.1 before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the view parameter. NOTE: some of these details are obtained from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in Opera 9 and 10 allows remote attackers to inject arbitrary web script or HTML via a 1 RSS or 2 Atom feed, related to the rendering of the application/rss+xml content type as "scripted content." NOTE: the vendor reportedly considers this behavior a "design...

DEBIAN-CVE-2009-2967

Multiple cross-site scripting XSS vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959...

PYSEC-2009-2

Multiple cross-site scripting XSS vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959...

CVE-2009-2959

Cross-site scripting XSS vulnerability in the waterfall web status view status/web/waterfall.py in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

PYSEC-2009-1

Cross-site scripting XSS vulnerability in the waterfall web status view status/web/waterfall.py in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...