27433 matches found
Plone Zope cross-site scripting (XSS) vulnerability
Multiple cross-site scripting XSS vulnerabilities in Zope, as used in Plone 3.3.x through 3.3.6, 4.0.x through 4.0.9, 4.1.x through 4.1.6, 4.2.x through 4.2.7, and 4.3 through 4.3.2, allow remote attackers to inject arbitrary web script or HTML via unspecified input in the 1 browseridmanager or 2...
GHSA-4793-W44W-M7XM Plone Zope cross-site scripting (XSS) vulnerability
Multiple cross-site scripting XSS vulnerabilities in Zope, as used in Plone 3.3.x through 3.3.6, 4.0.x through 4.0.9, 4.1.x through 4.1.6, 4.2.x through 4.2.7, and 4.3 through 4.3.2, allow remote attackers to inject arbitrary web script or HTML via unspecified input in the 1 browseridmanager or 2...
Jenkins allows Cross-Site Scripting (XSS)
Cross-site scripting XSS vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than...
GHSA-3P86-XGRQ-M6P6 Improper Neutralization of Input During Web Page Generation in Apache Tomcat
Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...
MoinMoin Cross-site Scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI...
GHSA-FC72-V54C-X9JG MoinMoin Cross-site Scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI...
feedparser Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas...
phpMyAdmin Cross-site Scripting In MySQL Table Name
Cross-site scripting XSS vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table...
GHSA-C73W-4RCJ-2622 Typo3 API Install Tool vulnerable to Cross-site Scripting
Cross-site scripting XSS vulnerability in the Install Tool subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...
TYPO3 API function vulnerable to Cross-site Scripting
Cross-site scripting XSS vulnerability in the t3libdiv::quoteJSvalue API function in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the sanitizing...
Typo3 API Install Tool vulnerable to Cross-site Scripting
Cross-site scripting XSS vulnerability in the Install Tool subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...
Buildbot vulnerable to cross-site scripting
Multiple cross-site scripting XSS vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959...
GHSA-MJ3X-WPRP-MVJ9 Buildbot vulnerable to cross-site scripting
Multiple cross-site scripting XSS vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959...
GHSA-JQQH-999X-W26W Buildbot Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in the waterfall web status view status/web/waterfall.py in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Buildbot Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in the waterfall web status view status/web/waterfall.py in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross-site scripting in Apache Tomcat
Cross-site scripting XSS vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...
MoinMoin Cross-site scripting (XSS) vulnerability in the antispam feature
Cross-site scripting XSS vulnerability in the antispam feature security/antispam.py in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content...
MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in action/AttachFile.py in MoinMoin before 1.8.1 allow remote attackers to inject arbitrary web script or HTML via an AttachFile action to the WikiSandBox component with 1 the rename parameter or 2 the drawing parameter aka the basename variable...
GHSA-7HJM-HQGJ-XV9F MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in action/AttachFile.py in MoinMoin before 1.8.1 allow remote attackers to inject arbitrary web script or HTML via an AttachFile action to the WikiSandBox component with 1 the rename parameter or 2 the drawing parameter aka the basename variable...
GHSA-C372-X57P-6X7V Apache Geronimo Application Server multiple cross-site scripting (XSS) vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 ip, 3 username, or 4 description parameter to console/portal/Server/Monitorin...