BIT-ODOO-2021-44775

Cross-site scripting XSS issue in Website app of Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim, by posting crafted contents...

BIT-LIMESURVEY-2020-25798

A stored cross-site scripting XSS vulnerability in LimeSurvey before and including 3.21.1 allows authenticated users with correct permissions to inject arbitrary web script or HTML via parameter ParticipantAttributeNamesDropdown of the Attributes on the central participant database page. When the...

BIT-DRUPAL-2020-9281

A cross-site scripting XSS vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment with the ckeprotected syntax...

BIT-LIMESURVEY-2022-48010

LimeSurvey v5.4.15 was discovered to contain a stored cross-site scripting XSS vulnerability in the component /index.php/surveyAdministration/rendersidemenulink?subaction=surveytexts. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into...

IBM InfoSphere Information Server Cross-Site Scripting Vulnerability (CNVD-2024-12706)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Server version 11.7,...

Online Mobile Store Management System Cross-Site Scripting Vulnerability

Online Mobile Store Management System is an online mobile store management system. A cross-site scripting vulnerability exists in Online Mobile Store Management System version 1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the /?p=products file, and ca...

IBM CICS TX Advanced Cross-Site Scripting Vulnerability (CNVD-2024-12700)

IBM CICS TX Advanced is a transaction processing monitoring system from International Business Machines IBM for running large-scale, high-transaction-volume applications in enterprise environments. A cross-site scripting vulnerability exists in IBM CICS TX Advanced version 10.1, which stems from...

D-Link GO-RT-AC750 Cross-Site Scripting Vulnerability

The D-Link GO-RT-AC750 is a wireless dual-band simple router from China's AUO D-Link. The D-Link GO-RT-AC750 suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in components such as dlapn.cgi and dldongle.cgi, which...

CVE-2024-27684

A Cross-site scripting XSS vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750A1FWv101b03 allows remote attackers to inject arbitrary web script or HTML via the url parameter...

Cross site scripting

A Cross-site scripting XSS vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750A1FWv101b03 allows remote attackers to inject arbitrary web script or HTML via the url parameter...

CVE-2024-27684

A Cross-site scripting XSS vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750A1FWv101b03 allows remote attackers to inject arbitrary web script or HTML via the url parameter...

CVE-2024-27684

A Cross-site scripting XSS vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750A1FWv101b03 allows remote attackers to inject arbitrary web script or HTML via the url parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in RenderTune v1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Upload Title parameter...

CVE-2024-22936

Cross-site scripting XSS vulnerability in Parents & Student Portal in Genesis School Management Systems in Genesis AIMS Student Information Systems v.3053 allows remote attackers to inject arbitrary web script or HTML via the message parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in Parents & Student Portal in Genesis School Management Systems in Genesis AIMS Student Information Systems v.3053 allows remote attackers to inject arbitrary web script or HTML via the message parameter...

Liferay Portal 7.4.x < 7.4.3.102 XSS

The version of Liferay Portal installed on the remote host is prior to 7.4.3.102. It is, therefore, affected by a vulnerability as referenced in the advisory. - Stored cross-site scripting XSS vulnerability in the Document and Media widget in Liferay Portal 7.4.3.18 through 7.4.3.101, and Liferay...

Cross-Site Scripting(XSS)

Liferay Portal and Liferay DXP are vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient sanitization in the HtmlUtil.escapeJsLink method, This flaws allowing remote attackers to inject arbitrary web script or HTML via crafted javascript: style links...

Cross-site Scripting (XSS)

Liferay Portal is vulnerable to stored cross-site scripting. The vulnerability is due to the improper neutralization of input during web page generation which allows remote authenticated users to inject arbitrary web script or HTML via a crafted payload injected into the first/middle/last name te...

Cross-site Scripting (XSS)

Liferay Portal is vulnerable to stored cross-site scripting XSS. The vulnerability is due to improper neutralization of input during web page generation which allows remote authenticated users to inject arbitrary web script or HTML via a crafted payload injected into the name text field of a...

Cross-site Scripting (XSS)

Liferay Portal is vulnerable to Stored cross-site scripting XSS. The vulnerability is due to inadequate input validation, allowing remote authenticated users to inject arbitrary web script or HTML via a crafted payload into a document's “Title” text field...