27433 matches found
GHSA-6565-FG86-6JCX Django Cross-site Scripting Vulnerability
Cross-site scripting XSS vulnerability in the contents function in admin/helpers.py in Django before 1.7.6 and 1.8 before 1.8b2 allows remote attackers to inject arbitrary web script or HTML via a model attribute in ModelAdmin.readonlyfields, as demonstrated by an @property...
Django Cross-site Scripting Vulnerability
Cross-site scripting XSS vulnerability in the contents function in admin/helpers.py in Django before 1.7.6 and 1.8 before 1.8b2 allows remote attackers to inject arbitrary web script or HTML via a model attribute in ModelAdmin.readonlyfields, as demonstrated by an @property...
Dolibarr ERP and CRM contain Cross-site Scripting Vulnerability
Multiple cross-site scripting XSS vulnerabilities in Dolibarr ERP/CRM 3.5 and 3.6 allow remote attackers to inject arbitrary web script or HTML via the Business Search searchnom field to 1 htdocs/societe/societe.php or 2 htdocs/societe/admin/societe.php...
GHSA-JQMR-WQGP-8MH2 phpMyAdmin cross-site scripting Vulnerability in Table or Column Names
Multiple cross-site scripting XSS vulnerabilities in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 table name or 2 column name that is improperly handled...
GHSA-P632-5W74-X8XX phpMyAdmin Cross-site scripting (XSS) vulnerability via pageNumber value
Cross-site scripting XSS vulnerability in libraries/schema/ExportRelationSchema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumber value to schemaexport.php...
GHSA-5XMG-W578-GQ5J Joomla! Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in libraries/idnaconvert/example.php in Joomla! 3.1.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...
TYPO3 Backend component Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in the Backend component in TYPO3 6.2.x before 6.2.19 allows remote attackers to inject arbitrary web script or HTML via the module parameter when creating a bookmark...
GHSA-5FQ5-PFV8-MRFV MoinMoin Cross-site Scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
MoinMoin Cross-site Scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
GHSA-84JM-CPC5-C7G7 Plone XSS in Zope ZMI
Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...
Plone XSS in Zope ZMI
Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...
Cherry Music Cross-site Scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to inject arbitrary web script or HTML via the playlistname field when creating a new playlist...
GHSA-48Q3-M4HF-56C9 TeamPass vulnerable to Cross-site Scripting
Multiple cross-site scripting XSS vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 label value of an item or 2 name of a role...
TeamPass vulnerable to Cross-site Scripting
Multiple cross-site scripting XSS vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 label value of an item or 2 name of a role...
GHSA-R346-RMRG-QPGH Improper Neutralization of Input During Web Page Generation in RESTEasy
Cross-site scripting XSS vulnerability in the default exception handler in RESTEasy allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Improper Neutralization of Input During Web Page Generation in RESTEasy
Cross-site scripting XSS vulnerability in the default exception handler in RESTEasy allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
GHSA-4XH9-5VH8-3P58 Yii Framework Reflected XSS
Reflected Cross-site scripting XSS vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen...
GHSA-JJ4J-CWGQ-FX7G ViMbAdmin Cross-site Scripting Vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in ViMbAdmin 3.0.15 allow remote attackers to inject arbitrary web script or HTML via the 1 domain or 2 transport parameter to domain/add; the 3 name parameter to mailbox/add/did/; the 4 goto parameter to alias/add/did/; or the 5 captchatext...
ViMbAdmin Cross-site Scripting Vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in ViMbAdmin 3.0.15 allow remote attackers to inject arbitrary web script or HTML via the 1 domain or 2 transport parameter to domain/add; the 3 name parameter to mailbox/add/did/; the 4 goto parameter to alias/add/did/; or the 5 captchatext...
GHSA-HHFW-XXHM-PF32 ADOdb Cross-site scripting vulnerability in old test script
Cross-site scripting vulnerability in ADOdb versions prior to 5.20.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...