H-Sphere 2.x - HTML Template Inclusion Cross-Site Scripting

source: https://www.securityfocus.com/bid/7855/info H-Sphere is prone to multiple cross-site scripting vulnerabilities via the HTML template feature in the Hosting Control Panel. HTML and script code will not be filtered from pages which are generated when a request for an invalid or unknown...

ColdFusion MX - Missing Template Cross-Site Scripting

ColdFusion MX - Missing Template Cross-Site Scripting source: https://www.securityfocus.com/bid/5011/info ColdFusion MX is prone to cross site scripting attacks. Attacker-supplied script code may be included in a malicious missing template URI generated by the default Missing Template handler of...