27433 matches found
Mayan EDMS multiple cross-site scripting (XSS) vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in apps/common/templates/calculateformtitle.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a 1 tag or the 2 title of a source in a Staging folder, 3 Name field in a bootstrap setup, or Title fie...
Fat Free CRM subject to Cross-site Scripting
Multiple cross-site scripting XSS vulnerabilities in app/views/layouts/application.html.haml in Fat Free CRM before 0.13.3 allow remote attackers to inject arbitrary web script or HTML via the 1 username, 2 first name, or 3 last name in a a create or b edit user action...
GHSA-HR59-35CR-QF43 Plone Cross-site scripting Vulnerability
Cross-site scripting XSS vulnerability in safehtml.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script or HTML via unspecified vectors...
Plone Cross-site scripting Vulnerability
Cross-site scripting XSS vulnerability in safehtml.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script or HTML via unspecified vectors...
GHSA-Q46G-V7R4-9VHR Plone Cross-site scripting Vulnerability
Cross-site scripting XSS vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Plone Cross-site scripting Vulnerability
Cross-site scripting XSS vulnerability in pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to "u,translate."...
Plone Cross-site scripting Vulnerability
Cross-site scripting XSS vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Plone Cross-site scripting Vulnerability
Cross-site scripting XSS vulnerability in widgettraversal.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
GHSA-5P69-RMX8-7GW7 phpMyAdmin Multiple XSS Vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in the PMAunInlineEditRow function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a 1 database name, 2 table name, or 3 column name that is not properly handled after an...
phpMyAdmin Multiple XSS Vulnerabilities After Inline Editing and Save
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted row that triggers an improperly constructed confirmation message after inline-editing and save operations, related to 1...
phpMyAdmin Multiple XSS Vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in the PMAunInlineEditRow function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a 1 database name, 2 table name, or 3 column name that is not properly handled after an...
Improper Neutralization of Input During Web Page Generation in Apache Solr
Cross-site scripting XSS vulnerability in the Admin UI Plugin / Stats page in Apache Solr 4.x before 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the fieldvaluecache object...
ZF-Commons ZfcUser Vulnerable to XSS in Login Redirect
Cross-site scripting XSS vulnerability in user/login.phtml in ZF-Commons ZfcUser before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...
The Preview plugin in CKEditor allows Cross-site scripting (XSS)
Cross-site scripting XSS vulnerability in the Preview plugin before 4.4.3 in CKEditor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
GHSA-66VJ-393F-HXFV OpenStack Swift Cross-site Scriping vulnerability
Cross-site scripting XSS vulnerability in OpenStack Swift 1.11.0 through 1.13.1 allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header...
OpenStack Swift Cross-site Scriping vulnerability
Cross-site scripting XSS vulnerability in OpenStack Swift 1.11.0 through 1.13.1 allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header...
GHSA-9GQJ-PPV2-F2HQ Cross-site Scripting in SmartyException
Cross-site scripting XSS vulnerability in the SmartyException class in Smarty aka smarty-php before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger a Smarty exception...
Cross-site Scripting in SmartyException
Cross-site scripting XSS vulnerability in the SmartyException class in Smarty aka smarty-php before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger a Smarty exception...
GHSA-XX7M-8RQ2-CW2V TYPO3 CMS indexed search Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in the search result view in the Indexed Search indexedsearch component in TYPO3 6.2.x before 6.2.16 allows remote authenticated editors to inject arbitrary web script or HTML via unspecified vectors...
TYPO3 CMS indexed search Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in the search result view in the Indexed Search indexedsearch component in TYPO3 6.2.x before 6.2.16 allows remote authenticated editors to inject arbitrary web script or HTML via unspecified vectors...