CVE-2022-27107

OrangeHRM 4.10 is vulnerable to Stored XSS in the "Share Video" section under "OrangeBuzz" via the GET/POST "createVideolinkAddress" parameter...

Orkut Cross Site Scripting

Patched as of 12/12/2009. All the test procedure along with snapshot is attached in the mail. The vulnerability exists in Video section of orkut. I took following steps to exploit the vulnerability: 1 Login in Orkut account. 2 In your video section, click on "edit description". 3 Now enter the...