CVE-2000-0081
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attack
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attack
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attack
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and
Race condition in the msxml3 module in Microsoft XML Core Services 3.0, as used in Internet Explorer
The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createS
Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN allow remote attackers to
Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary m
MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to
Cross-site scripting (XSS) vulnerability in Opera before 12.10 allows remote attackers to inject arb
The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring
A Denial of Service vulnerability exists in Symantec Norton Mobile Security for Android prior to 3.1
A security bypass vulnerability exists in Symantec Norton Mobile Security for Android before 3.16, w
A vulnerability in Cisco Jabber Client Framework (JCF) could allow an authenticated, remote attacker
The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to
IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerabil
Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06
Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to
IBM Jazz Reporting Service (JRS) 6.0.3, 6.0.4, 6.0.5, and 6.0.6 is vulnerable to cross-site scriptin
IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerabil
A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome
JavaScript alert handling in Prompts in Google Chrome prior to 68.0.3440.75 allowed a remote attacke
The admin web interface on Technicolor MediaAccess TG789vac v2 HP devices with firmware v16.3.7190-2
XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows
A Content-Security-Policy that blocks in-line scripts could be bypassed using an object tag to execu
If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet,
A DOM based XSS vulnerability has been identified on the WatchGuard XMT515 through 12.1.3, allowing
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allow
The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows
Stored XSS was discovered in the tree mode of jsoneditor before 9.0.2 through injecting and executin
mdBook is a utility to create modern online books from Markdown files and is written in Rust. In mdB
This affects the package djv before 2.1.4. By controlling the schema file, an attacker can run arbit
Dell Wyse Management Suite versions prior to 3.1 contain a stored cross-site scripting vulnerability
Dell Wyse Management Suite versions prior to 3.1 contain a stored cross-site scripting vulnerability
IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. Th
IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. Th
IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. Th
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users
IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to stored cross-site scripting. This vulnerab
IBM Emptoris Contract Management 10.1.3 is vulnerable to cross-site scripting. This vulnerability al
IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 is vulnerable to stored cross-si
IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to e
IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to e
IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to e
The OpenID Connect reference implementation for MITREid Connect through 1.3.3 allows XSS due to user
grammar-parser.jison in the hot-formula-parser package before 3.0.1 for Node.js is vulnerable to arb
OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is executed when an administrator att
MendixSSO <= 2.1.1 contains endpoints that make use of the openid handler, which is suffering from a
SAP BusinessObjects Business Intelligence platform, versions 410, 420, allows an authenticated attac
OX App Suite through 7.10.4 allows XSS via JavaScript in a Note referenced by a mail:// URL.
OX App Suite through 7.10.4 allows XSS via a contact whose name contains JavaScript code.
OX App Suite through 7.10.4 allows XSS via an appointment in which the location contains JavaScript
MooTools is a collection of JavaScript utilities for JavaScript developers. All known versions inclu
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 is vulnerable to cross-site scripting. This vulne
OroPlatform is a PHP Business Application Platform. In affected versions by sending a specially craf
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrar
Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires admi
Django CMS 3.7.3 does not validate the plugin_type parameter while generating error messages for an
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary cod
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary cod
WordPress is a free and open-source content management system written in PHP and paired with a Maria
@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communi
Multiple XSS issues were discovered in Sage Enterprise Intelligence 2021 R1.1 that allow an attacker
Multiple XSS issues were discovered in Sage XRT Business Exchange 12.4.302 that allow an attacker to