Total
28117 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1785 | 2 Devsaran, Drupal | 2 Responsive, Drupal | 2013-03-28 | 2.1 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the Premium Responsive theme before 7.x-1.6 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-0325 | 2 Drupal, Varnish Http Accelerator Integration Project | 2 Drupal, Varnish | 2013-03-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Varnish module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.0-beta2 for Drupal allow remote attackers to inject arbitrary web script or HTML via crafted a (1) Watchdog message or (2) admin setting. | |||||
| CVE-2013-1784 | 2 Devsaran, Drupal | 2 Clean Theme, Drupal | 2013-03-28 | 2.1 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the Clean Theme before 7.x-1.3 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-4970 | 1 Polycom | 12 Hdx 4002, Hdx 4500, Hdx 6000 and 9 more | 2013-03-26 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-0667 | 1 Siemens | 1 Wincc Tia Portal | 2013-03-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2013-0672 | 1 Siemens | 1 Wincc Tia Portal | 2013-03-22 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data. | |||||
| CVE-2013-0668 | 1 Siemens | 1 Wincc Tia Portal | 2013-03-22 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2013-0124 | 1 Askia | 1 Askiaweb | 2013-03-22 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in ASKIA askiaweb allow remote attackers to inject arbitrary web script or HTML via the (1) Number or (2) UpdatePage parameter to WebProd/cgi-bin/AskiaExt.dll. | |||||
| CVE-2012-3695 | 1 Apple | 1 Safari | 2013-03-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to inject arbitrary web script or HTML by leveraging improper URL canonicalization during the handling of the location.href property. | |||||
| CVE-2012-3255 | 1 Hp | 1 Business Availability Center | 2013-03-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-2984 | 1 Websense | 1 Websense Content Content Gateway | 2013-03-22 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in monitor/m_overview.ink in Websense Content Gateway before 7.7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) menu or (2) item parameter. | |||||
| CVE-2012-2582 | 1 Otrs | 2 Otrs, Otrs Itsm | 2013-03-22 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.13, 3.0.x before 3.0.15, and 3.1.x before 3.1.9, and OTRS ITSM 2.1.x before 2.1.5, 3.0.x before 3.0.6, and 3.1.x before 3.1.6, allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a Cascading Style Sheets (CSS) expression property in the STYLE attribute of an arbitrary element or (2) UTF-7 text in an HTTP-EQUIV="CONTENT-TYPE" META element. | |||||
| CVE-2012-2018 | 1 Hp | 1 Network Node Manager I | 2013-03-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 8.x, 9.0x, and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-2011 | 1 Hp | 1 Web Jetadmin | 2013-03-22 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP Web Jetadmin 8.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-2372 | 1 Tibco | 1 Spotfire Web Player | 2013-03-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Engine in TIBCO Spotfire Web Player 3.3.x before 3.3.3, 4.0.x before 4.0.3, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-0227 | 2 Drupal, Mathijs Koenraadt | 2 Drupal, Search Api Sorts | 2013-03-21 | 2.1 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Search API Sorts module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain roles to inject arbitrary web script or HTML via unspecified field labels. | |||||
| CVE-2013-0225 | 2 Drupal, User Relationships Project | 2 Drupal, User Relationships | 2013-03-21 | 2.1 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the User Relationships module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.0-alpha5 for Drupal allows remote authenticated users with the "administer user relationships" permission to inject arbitrary web script or HTML via a relationship name. | |||||
| CVE-2013-0275 | 1 Ganglia | 1 Ganglia-web | 2013-03-19 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ganglia Web before 3.5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-0962 | 1 Apple | 1 Iphone Os | 2013-03-16 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before 6.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted content that is not properly handled during a copy-and-paste operation. | |||||
| CVE-2012-4543 | 1 Redhat | 1 Certificate System | 2013-03-08 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script. | |||||