Flatboard version 3.2 suffers from a persistent cross site scripting vulnerability.
Red Hat Security Advisory 2024-4057-03 - Release of OpenShift Serverless Logic 1.33.0. Issues addressed include cross site scripting and denial of service vulnerabilities.
Microweber version 2.0.15 suffers from a persistent cross site scripting vulnerability.
Premium Support Tickets For WHMCS version 1.2.10 suffers from a cross site scripting vulnerability.
AEGON LIFE version 1.0 suffers from a persistent cross site scripting vulnerability.
Lost and Found Information System version 1.0 suffers from a reflective cross site scripting vulnerability.
Lost and Found Information System version 1.0 suffers from a persistent cross site scripting vulnerability.
Carbon Forum version 5.9.0 suffers from a persistent cross site scripting vulnerability.
XMB version 1.9.12.06 suffers from a persistent cross site scripting vulnerability.
Ubuntu Security Notice 6825-1 - It was discovered that the PDO driver in ADOdb was incorrectly handling string quotes. A remote attacker could possibly use this issue to perform SQL injection attacks. This issue only affected Ubuntu 16.04 LTS. It was discovered that ADOdb was incorrectly handling GET parameters in test.php. A remote attacker could possibly use this issue to execute cross-site scripting attacks. This issue only affected Ubuntu 16.04 LTS.
Red Hat Security Advisory 2024-3781-03 - An update is now available for Red Hat Ansible Automation Platform 2.4. Issues addressed include HTTP request smuggling, buffer overflow, code execution, cross site scripting, denial of service, memory exhaustion, null pointer, and password leak vulnerabilities.
Kiuwan SAST versions prior to 2.8.2402.3, Kiuwan Local Analyzer versions prior to master.1808.p685.q13371, and Kiuwan SaaS versions prior to 2024-02-05 suffer from XML external entity injection, cross site scripting, insecure direct object reference, and various other vulnerabilities.
SEH utnserver Pro/ProMAX and INU-100 version 20.1.22 suffers from cross site scripting, denial of service, and file disclosure vulnerabilities.
Small CRM version 1.0 suffers from a cross site scripting vulnerability.
Northwind Demo version 1.0 suffers from a persistent cross site scripting vulnerability.
Sitefinity version 15.0 suffers from a persistent cross site scripting vulnerability.
iMLog versions prior to 1.307 suffer from a persistent cross site scripting vulnerability.
ORing IAP-420 version 2.01e suffers from remote command injection and persistent cross site scripting vulnerabilities.
Ubuntu Security Notice 6787-1 - It was discovered that Jinja2 incorrectly handled certain HTML attributes that were accepted by the xmlattr filter. An attacker could use this issue to inject arbitrary HTML attribute keys and values to potentially execute a cross-site scripting attack.
HAWKI version 1.0.0-beta.1 before commit 146967f suffers from cross site scripting, arbitrary file overwrite, and session fixation vulnerabilities.
Ubuntu Security Notice 6788-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Debian Linux Security Advisory 5699-1 - Multiple cross-site scripting vulnerabilities were found in Redmine, a project management web application.
Jcow Social Networking versions 14.2 up to 16.2.1 suffer from a persistent cross site scripting vulnerability.
NorthStar C2, prior to commit 7674a44 on March 11 2024, contains a vulnerability where the logs page is vulnerable to a stored cross site scripting issue. An unauthenticated user can simulate an agent registration to cause the cross site scripting attack and take over a user's session. With this access, it is then possible to run a new payload on all of the NorthStar C2 compromised hosts (agents), and kill the original agent. Successfully tested against NorthStar C2 commit e7fdce148b6a81516e8aa5e5e037acd082611f73 running on Ubuntu 22.04. The agent was running on Windows 10 19045.
CHAOS version 5.0.8 is a free and open-source Remote Administration Tool that allows generated binaries to control remote operating systems. The web application contains a remote command execution vulnerability which can be triggered by an authenticated user when generating a new executable. The web application also contains a cross site scripting vulnerability within the view of a returned command being executed on an agent.