Search Results (47296 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-4519 1 Reviewboard 1 Review Board 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Review Board 1.6.x before 1.6.21 and 1.7.x before 1.7.17 allow remote attackers to inject arbitrary web script or HTML via the (1) Branch field or (2) caption of an uploaded file.
CVE-2012-3373 1 Apache 1 Wicket 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.21 and 1.5.x before 1.5.8 allows remote attackers to inject arbitrary web script or HTML via vectors involving a %00 sequence in an Ajax link URL associated with a Wicket app.
CVE-2012-3322 1 Ibm 7 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 4 more 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to a display name.
CVE-2012-3316 1 Ibm 7 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 4 more 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Tivoli Process Automation Engine (TPAE) in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-3308 1 Ibm 1 Sametime 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in IBM Sametime 8.0.2 through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML via an IM chat.
CVE-2013-4453 1 Ldap-account-manager 1 Ldap Account Manager 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in templates/login.php in LDAP Account Manager (LAM) 4.3 and 4.2.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter.
CVE-2012-3302 1 Ibm 1 Lotus Domino 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Domino 7.x and 8.x before 8.5.4 allow remote attackers to inject arbitrary web script or HTML via (1) a URL accessed during use of the Mail template in the WebMail UI or (2) a URL accessed during use of Domino Help through the Domino HTTP server.
CVE-2013-6280 1 Linksalpha 1 Social Sharing Toolkit Plugin 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-3279 1 Hp 1 Network Node Manager I 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-2172 1 Ibm 1 Websphere Portal 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the search center in IBM WebSphere Portal 7.0.0.1 before CF004 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-0977 1 Sixapart 1 Movabletype 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Rich Text Editor in Movable Type 5.0x, 5.1x before 5.161, 5.2.x before 5.2.9, and 6.0.x before 6.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-3272 1 Hp 7 Color Laserjet Cm3530, Color Laserjet Cm60xx, Color Laserjet Cp3525 and 4 more 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability on the HP Color LaserJet CM3530 with firmware before 53.190.9, Color LaserJet CM60xx with firmware before 52.210.9, Color LaserJet CP3525 with firmware before 06.140.3 18, Color LaserJet CP4xxx with firmware before 07.120.6, Color LaserJet CP6015 with firmware before 04.160.3, LaserJet P3015 with firmware before 07.140.3, and LaserJet P4xxx with firmware before 04.170.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-3255 1 Hp 1 Business Availability Center 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-2574 1 Mantisbt 1 Mantisbt 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in manage_proj_cat_add.php in MantisBT 1.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the name parameter in an Add Category action.
CVE-2013-5404 1 Ibm 3 Rational Quality Manager, Rational Requirements Composer, Rational Team Concert 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational Team Concert, Rational Requirements Composer, and other products, allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IFRAME element.
CVE-2013-5390 1 Ibm 1 Websphere Extreme Scale 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-5389 1 Ibm 1 Lotus Domino 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK2X.
CVE-2013-5388 1 Ibm 1 Lotus Domino 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK5F.
CVE-2012-6074 3 Cloudbees, Jenkins, Redhat 3 Jenkins, Jenkins, Openshift 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote authenticated users with write access to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-6121 1 Roundcube 1 Webmail 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.8.5 allows remote attackers to inject arbitrary web script or HTML via a (1) data:text or (2) vbscript link.