IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_3 and 6.1.0.0 through 6.1.0.2 vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript ...
Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News > Article" feature. (CVSS:0.0) (Last Update:2021-07-26)
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect ...
Cross Site Scripting (XSS) vulnerability in Textpattern CMS 4.8.1 via Custom fields in the Menu Preferences feature. (CVSS:0.0) (Last Update:2021-07-26)
A vulnerability was found in the CGI program in Zyxel GS1900-8 firmware version V2.60, that did not properly sterilize packet contents and could allow an ...
It's possible to create an email which contains specially crafted link and it can be used to perform XSS attack. This issue affects: OTRS AG ...
Cross Site Scripting (XSS) vulnerability in NavigateCMS NavigateCMS 2.9 via the name="wrong_path_redirect" feature. (CVSS:0.0) (Last Update:2021-07-26)
app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster. (CVSS:0.0) (Last Update:2021-07-26)
Cross Site Scripting (XSS) vulnerability in NavigateCMS 2.9 when performing a Create or Edit via the Tools feature. (CVSS:0.0) (Last Update:2021-07-26)
The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise user input in various parameters of the WATO module. This allows an attacker ...
In RPCMS v1.8 and below, the "nickname" variable is not properly sanitized before being displayed on page. Attacker can use "update password" function to inject ...
In RPCMS v1.8 and below, the "nickname" variable is not properly sanitized before being displayed on page. When the API functions are enabled, the attacker ...
Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via the Document Manager feature. (CVSS:0.0) (Last Update:2021-07-26)
Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such ...
Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature. (CVSS:0.0) (Last Update:2021-07-26)
In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored). (CVSS:0.0) (Last Update:2021-07-25)
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan (stored). (CVSS:0.0) (Last Update:2021-07-25)
Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /ogmprop?id= (reflected). (CVSS:0.0) (Last Update:2021-07-25)
In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected). (CVSS:0.0) (Last Update:2021-07-25)
In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected). (CVSS:0.0) (Last Update:2021-07-25)
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the customer name field (stored). (CVSS:0.0) (Last Update:2021-07-25)
Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /msglist?mbx= (reflected). (CVSS:0.0) (Last Update:2021-07-25)
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the extension name (stored). (CVSS:0.0) (Last Update:2021-07-25)
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the line name (stored). (CVSS:0.0) (Last Update:2021-07-25)
