27433 matches found
Apache Jackrabbit contains Cross-site Scripting
Multiple cross-site scripting XSS vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the q parameter to 1 search.jsp or 2 swr.jsp...
GHSA-6FXV-38XC-H866 Apache Jackrabbit contains Cross-site Scripting
Multiple cross-site scripting XSS vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the q parameter to 1 search.jsp or 2 swr.jsp...
CVE-2021-31673
A Dom-based Cross-site scripting XSS vulnerability at registration account in Cyclos 4 PRO.14.7 and before allows remote attackers to inject arbitrary web script or HTML via the groupId parameter...
Cross site scripting
A Dom-based Cross-site scripting XSS vulnerability at registration account in Cyclos 4 PRO.14.7 and before allows remote attackers to inject arbitrary web script or HTML via the groupId parameter...
Plone Cross-site Scripting vulnerability in the LiveSearch module
Cross-site scripting XSS vulnerability in the LiveSearch module in Plone before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the Description field for search results, as demonstrated using the onerror Javascript even in an IMG tag...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting XSS vulnerability in the Apache Solr Search solr extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in macro/AdvancedSearch.py in moin and MoinMoin 1.6.3 and 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
GHSA-X6JF-C7WH-7M7W Trac Cross-site Scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in the wiki engine in Trac before 0.10.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
Trac Cross-site Scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in the wiki engine in Trac before 0.10.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
GHSA-6CJ8-C359-P7Q9 Drupal vulnerable to Cross-site Scripting
Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 free tagging taxonomy terms, which are not properly handled on node preview pages, and 2 unspecified OpenID values...
GHSA-PM5M-9H5R-XCRG phpMyAdmin extension for TYPO3 has Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in the phpMyAdmin phpmyadmin extension 3.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
phpMyAdmin extension for TYPO3 has Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in the phpMyAdmin phpmyadmin extension 3.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
GHSA-54QJ-48VX-CR9F Django Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request...
GHSA-F98P-9PP6-7Q6C Apache Tomcat Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter aka the hostname attribute to host-manager/html/add...
Apache Tomcat Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter aka the hostname attribute to host-manager/html/add...
Alkacon OpenCMS XSS via searchfilter parameter in system/workplace/admin/workplace/sessions.jsp
Cross-site scripting XSS vulnerability in system/workplace/admin/workplace/sessions.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the searchfilter parameter, a different vector than CVE-2008-1510...
GHSA-4R3G-W24C-GPR6 Alkacon OpenCMS XSS via searchfilter parameter in system/workplace/admin/workplace/sessions.jsp
Cross-site scripting XSS vulnerability in system/workplace/admin/workplace/sessions.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the searchfilter parameter, a different vector than CVE-2008-1510...
Cross-site scripting (XSS) vulnerability in Sun Java Server Faces (JSF)
Cross-site scripting XSS vulnerability in Sun Java Server Faces JSF 1.2 before 1.208 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
GHSA-Q74X-QQHR-F8RX Apache Tomcat Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method...
GHSA-8FJ9-PJ4P-4VQ7 MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 certain input processed by formatter/textgedit.py aka the gui editor formatter; 2 a page name, which triggers an injection in PageEditor.py when the...