#xss

An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user's session cookie and then impersonate that user via POST email_create and back parameter.

An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user's session cookie and then impersonate that user via GET configure parameter.

PHPJabbers Forum Script version 3.0 suffers from a persistent cross site scripting vulnerability.

PHPJabbers Forum Script version 3.0 suffers from a cross site scripting vulnerability.

PHPJabbers STIVA Blog Script version 4.1 suffers from a cross site scripting vulnerability.

Adiscon LogAnalyzer version 4.1.5 suffers from a cross site scripting vulnerability.

PHPJabbers Knowledge Base Builder version 3.0 suffers from a cross site scripting vulnerability.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dream-Theme The7 plugin <= 11.6.0 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wpmet Wp Ultimate Review plugin <= 2.0.3 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPExperts Password Protected plugin <= 2.6.2 versions.