CVE-2010-3882

Multiple cross-site scripting XSS vulnerabilities in CMS Made Simple 1.7.1 and earlier allow remote attackers to inject arbitrary web script or HTML via input to the 1 Add Pages, 2 Add Global Content, 3 Edit Global Content, 4 Add Article, 5 Add Category, 6 Add Field Definition, or 7 Add Shortcut...

CVE-2011-3998

Cross-site scripting XSS vulnerability in Apple WebObjects 5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-8757

Cross-site scripting XSS vulnerability in the Extension Manager in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to extension data during an extension installation...

CVE-2018-18676

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board tail contents" parameter, aka the adm/boardformupdate.php bomobilecontenttail parameter...

CVE-2013-4507

Cross-site scripting XSS vulnerability in CollectiveAccess Providence and Pawtucket before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-4378

Cross-site scripting XSS vulnerability in HtmlSessionInformationsReport.java in JavaMelody 1.46 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted X-Forwarded-For header...

CVE-2012-2741

Cross-site scripting XSS vulnerability in publichtml/lists/admin/ in phpList before 2.10.18 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a reconcileusers action...

CVE-2012-5548

Cross-site scripting XSS vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-5541

Cross-site scripting XSS vulnerability in the Twitter Pull module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.0-rc3 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "data coming from Twitter."...

CVE-2012-2595

Multiple cross-site scripting XSS vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors involving special characters in parameters...

CVE-2012-2590

Multiple cross-site scripting XSS vulnerabilities in ESCON SupportPortal Professional Edition 3.0 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a SCRIPT element, 2 a crafted SRC attribute of an IFRAME element, 3 a crafted CONTENT attribute of an...

CVE-2012-2587

Multiple cross-site scripting XSS vulnerabilities in AfterLogic MailSuite Pro 6.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with a crafted SRC attribute of 1 an IFRAME element or 2 a SCRIPT element...

CVE-2011-0462

Multiple cross-site scripting XSS vulnerabilities in the login page in the webui component in SUSE openSUSE Build Service OBS before 2.1.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2018-15633

Cross-site scripting XSS issue in "document" module in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted attachment filenames...

CVE-2015-1619

Cross-site scripting XSS vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway MEG 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest...

CVE-2012-1290

Cross-site scripting XSS vulnerability in b2b/auction/container.jsp in the Internet Sales crm.b2b module in SAP NetWeaver 7.0 allows remote attackers to inject arbitrary web script or HTML via the loadPage parameter...

CVE-2012-1252

Cross-site scripting XSS vulnerability in RSSOwl before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a feed, a different vulnerability than CVE-2006-4760...

CVE-2012-1254

Cross-site scripting XSS vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-1562

Multiple cross-site scripting XSS vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to inject arbitrary web script or HTML via the 1 search parameter to admin/usermanagement.php, 2 datasearch parameter to /admin/profiledata.php, or 3 filter parameter to errorlog.php...

CVE-2012-1087

Cross-site scripting XSS vulnerability in the Post data records to facebook bcpost2facebook extension before 0.2.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...