Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting XSS vulnerability in the Apache Solr Search solr extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

MoinMoin Multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in macro/AdvancedSearch.py in moin and MoinMoin 1.6.3 and 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Trac Cross-site Scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the wiki engine in Trac before 0.10.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

GHSA-6CJ8-C359-P7Q9 Drupal vulnerable to Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 free tagging taxonomy terms, which are not properly handled on node preview pages, and 2 unspecified OpenID values...

GHSA-54QJ-48VX-CR9F Django Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request...

GHSA-F98P-9PP6-7Q6C Apache Tomcat Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter aka the hostname attribute to host-manager/html/add...

Apache Tomcat Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter aka the hostname attribute to host-manager/html/add...

Cross-site scripting (XSS) vulnerability in Sun Java Server Faces (JSF)

Cross-site scripting XSS vulnerability in Sun Java Server Faces JSF 1.2 before 1.208 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

GHSA-Q74X-QQHR-F8RX Apache Tomcat Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method...

MoinMoin Multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in action/AttachFile.py in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 message, 2 pagename, and 3 target filenames. The issue was fixed on db212dfc58ef...

MoinMoin Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in MoinMoin 1.5.x through 1.5.8 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the login action...

GHSA-RM26-W253-9QV7 Apache Struts Dojo Plugin XSS Vulnerability

Multiple cross-site scripting XSS vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Struts and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving 1 xipclient.html and 2 xipserver.html in src/io/...

Apache Struts Dojo Plugin XSS Vulnerability

Multiple cross-site scripting XSS vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Struts and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving 1 xipclient.html and 2 xipserver.html in src/io/...

Apache Tomcat's CookieExample Vulnerable to XSS

Multiple cross-site scripting XSS vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the 1 Name or 2 Value field, related to error messages...

GHSA-WJWR-3JCH-479J Apache Tomcat SendMailServlet XSS

Cross-site scripting XSS vulnerability in SendMailServlet in the examples web application examples/jsp/mail/sendmail.jsp in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, relat...

Apache Tomcat SendMailServlet XSS

Cross-site scripting XSS vulnerability in SendMailServlet in the examples web application examples/jsp/mail/sendmail.jsp in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, relat...

Trac Cross-site Scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the "download wiki page as text" feature in Trac before 0.10.3.1, when Microsoft Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

GHSA-XMC9-6P56-3C4V Apache Tomcat XSS In Accept-Language Headers

Cross-site scripting XSS vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616"...

MoinMoin Multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in MoinMoin before 1.5.7 allow remote attackers to inject arbitrary web script or HTML via 1 the page info, or the page name in a 2 AttachFile, 3 RenamePage, or 4 LocalSiteMap action...

GHSA-P57V-P3FX-QGWM Apache Tomcat XSS Vulnerability

Cross-site scripting XSS vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values...