GHSA-3P86-XGRQ-M6P6 Improper Neutralization of Input During Web Page Generation in Apache Tomcat

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

Cross site scripting

SuiteCRM 7.11.13 is affected by stored Cross-Site Scripting XSS in the Documents preview functionality. This vulnerability could allow remote authenticated attackers to inject arbitrary web script or HTML...

CVE-2015-7453

Cross-site scripting XSS vulnerability in IBM Rational Collaborative Lifecycle Management CLM 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager RQM 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x...

CVE-2017-9767

Multiple cross-site scripting XSS vulnerabilities in Quali CloudShell before 8 allow remote authenticated users to inject arbitrary web script or HTML via the 1 Name or 2 Description parameter to RM/Reservation/ReserveNew; the 3 Description parameter to RM/Topology/Update; the 4 Name, 5...

CVE-2015-5481

Cross-site scripting XSS vulnerability in forms/panels.php in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter in the gdbbpressattachments page to wp-admin/edit.php...

CVE-2012-4844

Cross-site scripting XSS vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-4157

Multiple cross-site scripting XSS vulnerabilities in index.php in the ProofReader comproofreader component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in 1 404 or 2 error pages...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Xigla Absolute Banner Manager XE 2.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the text parameter in 1 searchbanners.asp and 2 listadvertisers.asp, and other unspecified fields. NOTE: some of these...

CVE-2006-4376

Multiple cross-site scripting XSS vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly including the 1 profilnr and 2 sprache parameters in the main portion of the portal, the 3 suchstring...

CVE-2006-3247

Multiple cross-site scripting XSS vulnerabilities in show.php in GL-SH Deaf Forum 6.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 search, 2 page, and 3 action parameters. NOTE: the provenance of this information is unknown; the details are obtained solely...

Cross site scripting

Cross-site scripting XSS vulnerability in the URL submission form in YourFreeWorld.com Short Url & Url Tracker Script allows remote attackers to inject arbitrary web script or HTML via an unspecified form for submitting URLs...