Search Results (42958 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-5312 1 Gollos 1 Gollos 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Gollos 2.8 allow remote attackers to inject arbitrary web script or HTML via the returnurl parameter to (1) register.aspx, (2) publication/info.aspx, or (3) user/add.aspx, or (4) the q parameter to product/list.aspx.
CVE-2015-1988 1 Ibm 2 Tivoli Storage Flashcopy Manager, Tivoli Storage Manager For Virtual Environments 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.3 and Tivoli Storage FlashCopy Manager for VMware 3.1 before 3.1.1.3, 3.2 before 3.2.0.6, and 4.1 before 4.1.3.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVE-2015-1995 1 Ibm 1 Security Qradar Incident Forensics 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2016-1449 1 Cisco 1 Webex Meetings Server 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy92711.
CVE-2015-4347 1 Inlinks Project 1 Inlinks 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the inLinks Integration module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified path arguments.
CVE-2015-4337 1 Xcloner 1 Xcloner 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the excl_manual parameter in the xcloner_show page to wpadmin/plugins.php.
CVE-2015-5968 1 Novell 1 Filr 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Novell Filr 1.2 before Hot Patch 4 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2016-1439 1 Cisco 1 Unified Contact Center Enterprise 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Contact Center Enterprise through 10.5(2) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux59650.
CVE-2013-6310 1 Ibm 1 Marketing Platform 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-1377 1 Cisco 1 Unity Connection 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776.
CVE-2013-6314 1 Ibm 2 Enterprise Records, Infosphere Enterprise Records 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in IBM InfoSphere Enterprise Records 4.5.1 before 4.5.1.7-IER-IF001 and Enterprise Records 5.1.1 before 5.1.1.1-IER-IF003 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-1354 1 Cisco 1 Unified Communications Domain Manager 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 8.x before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via crafted markup data, aka Bug ID CSCud41176.
CVE-2016-1310 1 Sun 1 Opensolaris 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 11.5(0.199) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033.
CVE-2016-1298 1 Cisco 1 Unified Contact Center Express 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Contact Center Express 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via vectors related to permalinks, aka Bug ID CSCux92033.
CVE-2015-6346 1 Cisco 1 Secure Access Control Server 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2016-1592 1 Netiq 1 Identity Manager 2025-04-12 N/A
XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the nrfEntitlementReport.do CGI.
CVE-2016-1113 1 Adobe 1 Coldfusion 2025-04-12 6.1 Medium
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-1229 1 Humhub 1 Humhub 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 through 0.20.1 and 1.0.0-beta before 1.0.0-beta.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-2591 1 Emailarchitect 1 Emailarchitect Email Server 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect Email Server 10.0 and 10.0.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) From or (2) Date field in an email.
CVE-2015-6353 1 Cisco 1 Firesight System Software 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.3.1.5 and 5.4.x through 5.4.1.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuu28922.