Red Hat Security Advisory 2024-1346-03 - An update is now available for Red Hat OpenShift GitOps 1.11. Issues addressed include a cross site scripting vulnerability.
4e27fe9694223369048171a7dd87a8d18d6410672e631aedc8749e530cb03b2e
Red Hat Security Advisory 2024-1345-03 - An update is now available for Red Hat OpenShift GitOps 1.10. Issues addressed include a cross site scripting vulnerability.
64a46bf7a4541939a17921f671d245f64410181b222639c51c4a7b97d1d18532
Financials by Coda versions prior to 2023Q4 suffer from a cross site scripting vulnerability.
34202068f860d76bf76919a5032aea9e7b1a4b4f23d207a20914dd51652a7504
SnipeIT version 6.2.1 suffers from a persistent cross site scripting vulnerability.
eee914b06410c5150fcb2bae44901641cb89e7a2dd28897fd46de6299c87af27
NorthStar C2 agent version 1.0 applies insufficient sanitization on agent registration routes, allowing an unauthenticated attacker to send multiple malicious agent registration requests to the teamserver to incrementally build a functioning javascript payload in the logs web page. This cross site scripting payload can be leveraged to execute commands on NorthStar C2 agents.
e3d03b1bb5d42cd9ee527169a57dc6bfa52c6c6b50d4e1a990a6c9443e01b3b1
FullCourt Enterprise version 8.2 suffers from multiple cross site scripting vulnerabilities.
fb84d6d2742c62baaef0300444804dccd4f9822a3ed05a712c9990f000275ecf
Debian Linux Security Advisory 5635-1 - Aviv Keller discovered that the frames.html file generated by YARD, a documentation generation tool for the Ruby programming language, was vulnerable to cross-site scripting.
dcdab1d7f7cf4e649af57210018d82164536fd3183f20fc49dc2b55a1e94d866
Solar-Log 200 PM+ version 3.6.0 suffers from a persistent cross site scripting vulnerability.
91c80fe6993444332ef6cfa75038b93091c2168576431c35a2ce5ab6af024a52
WordPress Neon Text plugin versions 1.1 and below suffer from a persistent cross site scripting vulnerability.
f6fa131d3df7c7fa0667803c7757179d6f0f6967ebbb7d6ee2469662460a8a4e
BoidCMS version 2.0.1 suffers from multiple cross site scripting vulnerabilities. Original discovery of cross site scripting in this version is attributed to Rahad Chowdhury in December of 2023, though this advisory provides additional vectors of attack.
399c7d150c74e14ff960b4352508c5f4a2a59bf2bfe1f4f390b71685d91640df
Petrol Pump Management Software version 1.0 suffers from multiple cross site scripting vulnerabilities.
527eeaf50e15d94715035ef458538033c4f5eff926cb533e157dbed8bed874f5
WordPress IDonate Blood Request Management System plugin versions 1.8.1 and below suffer from a persistent cross site scripting vulnerability.
deb442f6accbca69dc829364f209cc07083ae35484b8d9dbcf49d6fb5acec053
Red Hat Security Advisory 2024-0944-03 - Red Hat OpenShift Container Platform release 4.14.14 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a cross site scripting vulnerability.
b2d8d1243657dc45b8f15e03ea3f58f5fa6d7850ca8be36592bdd03fb2c4897c
WordPress Admin Bar and Dashboard Access Control plugin version 1.28 suffers from a persistent cross site scripting vulnerability.
b4ad5f139e9d3b2516b87a994569e0646ffb052a5990072054404ca117aece0b
Hospital Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
ee80dd4b7307acb7e78dc9fe5a4441a93e60abc361a7fa9ad6121fdf7e97628c
Ubuntu Security Notice 6654-1 - It was discovered that Roundcube Webmail incorrectly sanitized characters in the linkrefs text messages. An attacker could possibly use this issue to execute a cross-site scripting attack.
460026cc73cc6675127f73b71d11e0359570d321c9e013f075f7ee551cfcf679
SuperCali version 1.1.0 suffers from a cross site scripting vulnerability.
9f0cd74fe8260d16546ba65db15a5a931753546b0b6b4a4d0d6641c9eee1e37a
CMS Made Simple version 2.2.19 suffers from a persistent cross site scripting vulnerability.
aaabe1d02e7411b3fdb5bd9220f8bd34a7c9e15203321299cabd15dca9372cde
SitePad version 1.8.2 suffers from a persistent cross site scripting vulnerability.
48e6c1331a13411ebde677abf495089e3693574074e2831d427d7943a6dded2a
Dotclear version 2.29 suffers from a cross site scripting vulnerability.
48697a04e731c5ea3f3bb5bbf9027809e1f2b25c54b903adb00f897d6247d1e6
OpenOLAT versions 18.1.4 and below and versions 18.1.5 and below suffer from multiple persistent cross site scripting vulnerabilities.
da2d4328b6f51310c2a5be6d36b60d1aa6c91e556e13bd98db91a0808753e340
WEBIGniter version 28.7.23 suffers from a persistent cross site scripting vulnerability.
ce9033c8a5d4008525f16f7aed4391e201358d977f4356f22c00babfa8102d79
Savsoft Quiz version 6.0 Enterprise suffers from a persistent cross site scripting vulnerability.
1ac23355d0f62f25e82f60f47ba431e52d9d96b2c52c9c3d4363d3b2c7465e82
SPA-CART CMS version 1.9.0.3 suffers from a persistent cross site scripting vulnerability.
58fd612953477296342ab3025c080edfa2b76e3aadd2c0664b18066ad9c76722
InstantCMS version 2.16.1 suffers from a persistent cross site scripting vulnerability that appears to require administrative access.
7923340c990b9cceb58ce85ba5207a9c3605de4fca54417c061ae374af5da4a9