Missing sanitation of inputs allowed arbitrary users to conduct a stored XSS attack that triggers for users that view a certain project
A stored Cross-site Scripting (XSS) vulnerability affecting Opportunity Management in Project Portfolio Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
vulnerability exists when an authenticated attacker modifies folder names within the context of
the product
A reflected cross-site scripting (XSS) vulnerability exists in WebFileSys version before 2.32.0 and fixed in v.2.32.0. User-controlled input is reflected into HTML and JavaScript contexts without prop
CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
vulnerability exists when an authenticated user modifies configuration parameters on the web server
A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker
A Stored Cross-Site Scripting vulnerability was discovered in the Assets and Nodes functionality due to improper validation of an input parameter. An authenticated user with custom fields privileges c
Multiple CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins Project Showcase gs-projects allows Stored XSS.This issue affects Project Showcase: fro
Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The "File Name" page (/cgi/uset.cgi?-cfilename) in t
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Build allows Stored XSS.This issue affects Build: from n/a through 1.0.3.
Prior to this patch, a stored XSS vulnerability existed in the contact tracking and page hits report.
Reflected cross-site scripting (XSS) vulnerability in desknet's Web Server allows execution of arbitrary JavaScript in a user’s web browser.
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability
exists impacting configuration file paths that could cause an unvalidated data injected by au
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause condition where authenticated attackers can have a victim’s browser ru
Page 1+ Next →