Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Total 44652 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-2083 1 Bestpractical 1 Rt 2026-06-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-2078 1 Inventivetec 1 Mediacast 2026-06-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-2023 1 Squirrelmail 1 Squirrelmail 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in functions/mime.php in SquirrelMail before 1.4.22 allows remote attackers to inject arbitrary web script or HTML via a crafted STYLE element in an e-mail message.
CVE-2011-2020 1 Tibco 2 Iprocess Engine, Iprocess Workspace 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-1992 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2026-06-16 4.3 MEDIUM N/A
The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability."
CVE-2011-1976 1 Microsoft 2 Report Viewer, Visual Studio 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Report Viewer Control in Microsoft Visual Studio 2005 SP1 and Report Viewer 2005 SP1 allows remote attackers to inject arbitrary web script or HTML via a parameter in a data source, aka "Report Viewer Controls XSS Vulnerability."
CVE-2011-1953 1 Postrev 1 Post Revolution 2026-06-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in common.php in Post Revolution before 0.8.0c-2 allow remote attackers to inject arbitrary web script or HTML via an attribute of a (1) P, a (2) STRONG, a (3) A, a (4) EM, a (5) I, a (6) IMG, a (7) LI, an (8) OL, a (9) VIDEO, or a (10) BLOCKQUOTE element.
CVE-2011-1949 1 Plone 1 Plone 2026-06-16 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in the safe_html filter in Products.PortalTransforms in Plone 2.1 through 4.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-2422.
CVE-2011-1948 1 Plone 1 Plone 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2011-1940 1 Phpmyadmin 1 Phpmyadmin 2026-06-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to (1) libraries/tbl_links.inc.php and (2) tbl_tracking.php.
CVE-2011-1937 1 Webmin 1 Webmin 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Webmin 1.540 and earlier allows local users to inject arbitrary web script or HTML via a chfn command that changes the real (aka Full Name) field, related to useradmin/index.cgi and useradmin/user-lib.pl.
CVE-2011-1899 1 Ca 1 Ehealth 2026-06-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in CA eHealth 6.0.x, 6.1.x, 6.2.1, and 6.2.2 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.
CVE-2011-1897 1 Microsoft 1 Forefront Unified Access Gateway 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Default Reflected XSS Vulnerability."
CVE-2011-1896 1 Microsoft 1 Forefront Unified Access Gateway 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "ExcelTable Reflected XSS Vulnerability."
CVE-2011-1894 1 Microsoft 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more 2026-06-16 4.3 MEDIUM N/A
The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for embedded content in an HTML document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted EMBED element in a web page that is visited in Internet Explorer, aka "MHTML Mime-Formatted Request Vulnerability."
CVE-2011-1893 1 Microsoft 3 Sharepoint Foundation, Sharepoint Server, Sharepoint Services 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010, Windows SharePoint Services 2.0 and 3.0 SP2, and SharePoint Foundation 2010 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "SharePoint XSS Vulnerability."
CVE-2011-1891 1 Microsoft 2 Sharepoint Foundation, Sharepoint Services 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in a request to a script, aka "Contact Details Reflected XSS Vulnerability."
CVE-2011-1890 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in EditForm.aspx in Microsoft Office SharePoint Server 2010 and SharePoint Foundation 2010 allows remote attackers to inject arbitrary web script or HTML via a post, aka "Editform Script Injection Vulnerability."
CVE-2011-1862 1 Hp 2 Service Center, Service Manager 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-1856 1 Hp 1 Business Availability Center 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.06 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.