XoopsCore25 version 2.5.11 suffers from a cross site scripting vulnerability.
2ae84d82db1b05e74c65de107834f1df7a00fa59f13b38b64eb16a00c14b1b92
Red Hat Security Advisory 2024-0778-03 - An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, improper authorization, information leakage, insecure permissions, and open redirection vulnerabilities.
ab4f43b9e71e063c24e6665055c78987e13d3b3ffaeb136bf2ca4c7222838cb2
Red Hat Security Advisory 2024-0777-03 - An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.14. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, information leakage, and open redirection vulnerabilities.
3eed8a402985e9201b2959d777e66d6b3d4c828342daf0e2047df99c9352d53f
Red Hat Security Advisory 2024-0776-03 - An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Issues addressed include bypass, code execution, cross site scripting, and denial of service vulnerabilities.
066ec355713bdfb5d17ff8adb414021618bb7df8ac5b4fbee6ddd1731eff0030
Red Hat Security Advisory 2024-0775-03 - An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.11. Issues addressed include bypass, code execution, cross site scripting, deserialization, information leakage, and insecure permissions vulnerabilities.
bce52c7c00b891789e1532b690676483061f98b6a4dfcfe94e9ecadad6b53155
Ubuntu Security Notice 6631-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
4b6f4fc061a2d62f4bfc4c023b3a9687f579682d0d0d93b1e1032a14339c54da
Advanced Page Visit Counter version 1.0 suffers from a persistent cross site scripting vulnerability.
f6d7790e5d925f394cef69bc78bd6c8b5f89cc8b9036ef13a7d4dd56535dc8e5
Red Hat Security Advisory 2024-0746-03 - Updated container image for Red Hat Ceph Storage 5.3 is now available in the Red Hat Ecosystem Catalog. Issues addressed include cross site scripting and denial of service vulnerabilities.
df456c5ff3eec148a2beca2bbbd79e0ea4e10f1895bfac2fe56b6eecd379e96b
Debian Linux Security Advisory 5616-1 - It was discovered that ruby-sanitize, a whitelist-based HTML sanitizer, insufficiently sanitized style elements, which may result in cross-site scripting.
cb1891138c71065ba8a31de094547c27038e14dbb35d632d940934fd3474f59c
WordPress Simple URLs plugin versions prior to 115 suffer from a cross site scripting vulnerability.
c30a14aad4b176fcca47e0448ca0f4736ce2e14ebe3feb095662f74d88b72153
Gym Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original credit for this finding goes to Jyotsna Adhana in October of 2020 but uses a different vector of attack for this software version.
c0f2d33a4c3991ea99477e6d1d0b6c609743f37a52348c26fa084cc05b9df687
WhatsUp Gold 2022 version 22.1.0 Build 39 suffers from a persistent cross site scripting vulnerability.
c220ac742e0433187b0d69c0b84acee272914b285cfb7aab956f93dfb9bd2fce
MISP version 2.4.171 suffers from a persistent cross site scripting vulnerability.
c46d1b01317a56d0c3ca6306f105dceaf23c7eb41b768453a59fb637c41d5e3e
Red Hat Security Advisory 2024-0485-03 - Red Hat OpenShift Container Platform release 4.12.48 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a cross site scripting vulnerability.
0deb6bdda4870623dcb74de02a9972bc221c57721c7586c37779abe972798ff3
Interactive Floor Plan version 1.0 suffers from a cross site scripting vulnerability.
696171fac915ad8521ab878bf8dd8496a69db4eedb1b4fe9f216fbfde57545ec
PHPJ Callback Widget version 1.0 suffers from a persistent cross site scripting vulnerability.
5a4188d904853b282526ec16d8c5d6f9a6a772e2951744e041fdfe4a31e26fed
mqXSS is a client to communicate with XSS hooked browsers over MQTT. Similar to xsshunter or beef, mqxss allows interaction with remote browsers that have been injected with a XSS payload. However, instead of having the victim connect back to your server they connect through a Secure Websocket MQTT broker instead. This tool facilitates the JS payload generation and interaction with hooked browsers that communicate over WSS MQTT brokers.
8896d3a6c195fd964e3ba8e5a991dcb72d8c6488f787f595e2d0fca71fec9ad8
Ubuntu Security Notice 6582-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
efacb4bdb05b573622a6891d651f7f79948338036201cc4c73c3478731777aee
WordPress POST SMTP Mailer plugin versions 2.8.7 and below suffer from authorization bypass and cross site scripting vulnerabilities.
1bdd84a69d04f6ca05b840e49215c74a3095a9b4cd20f08c7cd6c500f98bc02f
Ubuntu Security Notice 6574-1 - Takeshi Kaneko discovered that Go did not properly handle comments and special tags in the script context of html/template module. An attacker could possibly use this issue to inject Javascript code and perform a cross site scripting attack. This issue only affected Go 1.20 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. It was discovered that Go did not properly validate the "//go:cgo_" directives during compilation. An attacker could possibly use this issue to inject arbitrary code during compile time.
b8c2a5761a1b9b637336f2af66c0577c0e91e5d6928b1d69d773c8f5060e8589
PHPJabbers Meeting Room Booking System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
e6821affd91c6976ec243ea146e7afbb0ed24afc9759a1132aa2d0f6d32f79c1
PHPJabbers Event Ticketing System version 1.0 suffers from cross site scripting and html injection vulnerabilities.
2caf4aa999009c25ac7c26798df4e4a0ac8a097c8ef866861469f934e7b3bfca
PHPJabbers Cinema Booking System version 1.0 suffers from reflective and persistent cross site scripting vulnerabilities.
65d36ac9160ab1c240f6675581e697453542fa0e4bd126a1f51e746ce51641f2
PHPJabbers Cleaning Business Software version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
e47debdf9fc3c3d01a9a065adc30bc2b0166bcf23690c6d3ac8b4dd15242abfa
PHPJabbers Shared Asset Booking System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
55b8208f2ccd19891ff073a3c0c73038d621c5100ca8bca74d3b845c3b903e9a