CVE-2017-6537

A Cross-Site Scripting XSS issue was discovered in webpagetest 3.0. The vulnerability exists due to insufficient filtration of user-supplied data bgcolor passed to the webpagetest-master/www/video/view.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context o...

CVE-2017-6541

Multiple Cross-Site Scripting XSS issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data benchmark, time passed to the webpagetest-master/www/benchmarks/viewtest.php URL. An attacker could execute arbitrary HTML and script code in...

Cross site scripting

A Cross-Site Scripting XSS issue was discovered in webpagetest 3.0. The vulnerability exists due to insufficient filtration of user-supplied data pssid passed to the webpagetest-master/www/pss.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the...

CVE-2017-6534

A Cross-Site Scripting XSS issue was discovered in webpagetest 3.0. The vulnerability exists due to insufficient filtration of user-supplied data pssid passed to the webpagetest-master/www/pss.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the...

CVE-2017-6535

Multiple Cross-Site Scripting XSS issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data benchmark, url passed to the webpagetest-master/www/benchmarks/trendurl.php URL. An attacker could execute arbitrary HTML and script code in ...

Cross site scripting

Multiple Cross-Site Scripting XSS issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data configs passed to the webpagetest-master/www/benchmarks/compare.php URL. An attacker could execute arbitrary HTML and script code in a browse...

Cross site scripting

Multiple Cross-Site Scripting XSS issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data benchmark, url passed to the webpagetest-master/www/benchmarks/trendurl.php URL. An attacker could execute arbitrary HTML and script code in ...

CVE-2017-6535

Multiple Cross-Site Scripting XSS issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data benchmark, url passed to the webpagetest-master/www/benchmarks/trendurl.php URL. An attacker could execute arbitrary HTML and script code in ...

CVE-2017-6536

CVE-2017-6536 covers multiple XSS flaws in webpagetest 3.0 where user input in the URL and pssid passed to webpagetest-master/www/weblite.php is not properly filtered. This allows an attacker to inject and execute arbitrary HTML/JavaScript in the victim’s browser within the target website’s conte...

CVE-2017-6539

Multiple Cross-Site Scripting XSS issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data benchmark, time passed to the webpagetest-master/www/benchmarks/delta.php URL. An attacker could execute arbitrary HTML and script code in a...

Bugzilla 4.4.x < 4.4.12 / 5.0.x < 5.0.3 Multiple XSS

Binary data 9988.prm...

Cross site scripting

Multiple Cross-Site Scripting XSS issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data cid, value, element, mode, tab, formname, id passed to the EPESI-master/modules/Utils/RecordBrowser/grid.php URL. An attacker could execute...

CVE-2017-6488

Multiple Cross-Site Scripting XSS issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data visible, tab, cid passed to the EPESI-master/modules/Utils/RecordBrowser/Filters/savefilters.php URL. An attacker could execute arbitrary HTML...

Cross site scripting

A Cross-Site Scripting XSS issue was discovered in reasoncms before 4.7.1. The vulnerability exists due to insufficient filtration of user-supplied data nyroModalSel passed to the "reasoncms-master/www/nyroModal/demoSent.php" URL. An attacker could execute arbitrary HTML and script code in a...

CVE-2017-6487

Multiple Cross-Site Scripting XSS issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data state, element, id, tab, cid passed to the "EPESI-master/modules/Utils/RecordBrowser/favorites.php" URL. An attacker could execute arbitrary HT...

Cross site scripting

Multiple Cross-Site Scripting XSS issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data state, element, id, tab, cid passed to the "EPESI-master/modules/Utils/RecordBrowser/favorites.php" URL. An attacker could execute arbitrary HT...

Cross site scripting

Multiple Cross-Site Scripting XSS issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data visible, tab, cid passed to the EPESI-master/modules/Utils/RecordBrowser/Filters/savefilters.php URL. An attacker could execute arbitrary HTML...

CVE-2017-6483

Multiple Cross-Site Scripting XSS issues were discovered in ATutor 2.2.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages langcode in themes//admin/systempreferences/languageedit.tmpl.php. An attacker could execute arbitrary HTML and script...

CVE-2017-6491

Multiple Cross-Site Scripting XSS issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data tooltipid, callback, args, cid passed to the EPESI-master/modules/Utils/Tooltip/req.php URL. An attacker could execute arbitrary HTML and scrip...

CVE-2017-6487

Multiple Cross-Site Scripting XSS issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data state, element, id, tab, cid passed to the "EPESI-master/modules/Utils/RecordBrowser/favorites.php" URL. An attacker could execute arbitrary HT...