GHSA-994G-74GQ-5QPR XSS in baserCMS

Cross-site scripting vulnerability in baserCMS baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

XSS in baserCMS

Cross-site scripting vulnerability in baserCMS baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

XSS in baserCMS

Cross-site scripting vulnerability in baserCMS baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

GHSA-Q9G7-PFF4-548R Gleez Cms Cross-site Scripting in Profile Page

Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting XSS vulnerability in Profile page that can result in injection of arbitrary web script or HTML via the profile page editor. The victim must navigate to the attacker's profile page to exploit this vulnerability...

Improper Neutralization of Input During Web Page Generation in JAMon

Multiple cross-site scripting XSS vulnerabilities in JAMon Java Application Monitor 2.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 listenertype or 2 currentlistener parameter to mondetail.jsp or ArraySQL parameter to 3 mondetail.jsp, 4 jamonadmin.jsp, 5...

GHSA-8699-M855-CWQF Cross-site scripting in Elasticsearch

Cross-site scripting XSS vulnerability in the CORS functionality in Elasticsearch before 1.4.0.Beta1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Apache OpenMeetings Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in Apache OpenMeetings before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the event description when creating an event...

GHSA-GW38-MXR2-RM8R Apache OpenMeetings Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in Apache OpenMeetings before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the event description when creating an event...

Apache OpenMeetings Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in the SWF panel in Apache OpenMeetings before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the swf parameter...

GHSA-633W-W2PF-X84R Apache OpenMeetings Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in the SWF panel in Apache OpenMeetings before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the swf parameter...

Plone XSS

Cross-site scripting XSS vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

Plone vulnerable to Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in the ZMI page in Zope2 in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

GHSA-C78G-QWPW-2JGV Improper Neutralization of Input During Web Page Generation in Apache Tomcat

Multiple cross-site scripting XSS vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 orderBy or 2 sort parameter to sessionsList.jsp, or unspecified input to 3...

GHSA-6WFJ-2MW7-P5CG phpMyAdmin micro history Implementation XSS Vulnerability

Cross-site scripting XSS vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery CSRF attack to crea...

GHSA-MWM8-36C5-J5CF phpMyAdmin Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in examples/openid.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message...

phpMyAdmin Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in examples/openid.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message...

phpMyAdmin XSS Vulnerability

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allow remote authenticated users to inject arbitrary web script or HTML via a 1 table name, 2 SET value, 3 search query, or 4 hostname in a Location header...

GHSA-PW34-QF6C-84FC phpMyAdmin XSS Vulnerability

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allow remote authenticated users to inject arbitrary web script or HTML via a 1 table name, 2 SET value, 3 search query, or 4 hostname in a Location header...

phpMyAdmin Implementation XSS Vulnerability on Server Monitor Page

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database name or 2 table name, related to the...

GHSA-Q586-XPWR-JC3J phpMyAdmin cross-site scripting vulnerability in crafted view name

A cross-site scripting XSS vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js...