Search Results (42958 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-3003 1 Ibm 1 Connections 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerability than CVE-2016-3001 and CVE-2016-3006.
CVE-2016-3006 1 Ibm 1 Connections 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerability than CVE-2016-3001 and CVE-2016-3003.
CVE-2016-3089 1 Apache 1 Openmeetings 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the SWF panel in Apache OpenMeetings before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the swf parameter.
CVE-2016-3056 1 Ibm 1 Business Process Manager 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Business Space in IBM Business Process Manager 7.5 through 7.5.1.2, 8.0 through 8.0.1.3, and 8.5 before 8.5.7.0 CF2016.09 allows remote authenticated users to inject arbitrary web script or HTML via crafted content.
CVE-2016-3057 1 Ibm 1 Sterling B2b Integrator 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-3097 1 Redhat 2 Network Satellite, Satellite 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via a group name, related to viewing snapshot data.
CVE-2016-3126 1 Blackberry 1 Enterprise Server 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2016-3144 2 Fedoraproject, Fourkitchens 2 Fedora, Block Class 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x before 7.x-2.2 for Drupal allows remote authenticated users with the "Administer block classes" permission to inject arbitrary web script or HTML via a class name.
CVE-2016-3196 1 Fortinet 2 Fortianalyzer Firmware, Fortimanager Firmware 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Fortinet FortiAnalyzer 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 allows remote authenticated users to inject arbitrary web script or HTML via the filename of an image uploaded in the report section.
CVE-2014-6620 1 Arubanetworks 1 Clearpass 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-5257 1 Formalms 1 Formalms 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms before 1.2.1 p01 allow remote attackers to inject arbitrary web script or HTML via the (1) id_custom parameter in an amanmenu request or (2) id_game parameter in an alms/games/edit request to appCore/index.php.
CVE-2014-5235 1 Open-xchange 1 Open-xchange Appsuite 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX) AppSuite before 7.4.2-rev33 and 7.6.x before 7.6.0-rev16 allows remote attackers to inject arbitrary web script or HTML via vectors related to unspecified fields in RSS feeds.
CVE-2014-5234 1 Open-xchange 1 Open-xchange Appsuite 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite before 7.4.2-rev33 and 7.6.x before 7.6.0-rev16 allows remote attackers to inject arbitrary web script or HTML via a folder publication name.
CVE-2014-5212 1 Novell 1 Edirectory 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter.
CVE-2014-5198 1 Splunk 1 Splunk 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.3 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header.
CVE-2014-5191 1 Ckeditor 1 Ckeditor 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Preview plugin before 4.4.3 in CKEditor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-5190 1 Si Captcha Anti-spam Project 1 Si Captcha Anti-spam 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in captcha-secureimage/test/index.php in the SI CAPTCHA Anti-Spam plugin 2.7.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2014-5169 1 Date Project 1 Date 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Date module before 7.x-2.8 for Drupal allows remote authenticated users with the permission to create a date field to inject arbitrary web script or HTML via the date field title.
CVE-2014-5172 1 Sap 1 Hana 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the XS Administration Tools in SAP HANA allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-5136 1 Iii 1 Sierra 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Innovative Interfaces Sierra Library Services Platform 1.2_3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.