There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked cou
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked cou
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked cou
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked cou
A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to exe
Phraseanet 4.0.3 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through crafted file names during document uploads. Attackers can uplo
A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the `SQLConverterServlet` component. This vulnerability requires user interaction, such as click
RockMongo 1.1.7 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts through multiple unencoded input parameters. Attackers can exploit the vulnerabil
Cross-Site Scripting (XSS) vulnerability was discovered in the Ajax transaction manager endpoint of ARD. An attacker can intercept the Ajax response and inject malicious JavaScript into the accountNam
A stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script
A Cross-site scripting (XSS) vulnerability in /api_vedo/ in Vedo Suite version 2024.17 allows remote attackers to inject arbitrary Javascript or HTML code and potentially trigger code execution in vic
A stored cross-site scripting (XSS) vulnerability in Anchor CMS v0.12.7 allows attackers to inject malicious JavaScript via the page description field in the page creation interface (/admin/pages/add)
The Ricerca – advanced search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin's settings in all versions up to, and including, 1.1.12 due to insufficient input sanitizatio
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2
There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string wh
There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string wh
There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string wh
There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string wh
There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string wh
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.5, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2