3 matches found
CVE-2023-48824
BoidCMS 2.0.1 is vulnerable to Multiple Stored Cross-Site Scripting XSS issues via the title, subtitle, footer, or keywords parameter in a page=create action...
CVE-2021-38267
Cross-site scripting XSS vulnerability in the Blogs module's edit blog entry page in Liferay Portal 7.3.2 through 7.3.6, and Liferay DXP 7.3 before fix pack 2 allows remote attackers to inject arbitrary web script or HTML via the comliferayblogswebportletBlogsAdminPortlettitle and...
CVE-2018-14690
An issue was discovered in Subsonic 6.1.1. The general settings are affected by two stored cross-site scripting vulnerabilities in the title and subtitle parameters to generalSettings.view that could be used to steal session information of a victim...