#xss

angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting (XSS) vulnerability.

An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. There is XSS via a crafted badge title attribute. This is also related to lack of escaping in wbTemplate (from resources/wikibase/templates.js) for quotes (which can be in a title attribute).

An issue was discovered in the DoubleWiki extension for MediaWiki through 1.39.3. includes/DoubleWiki.php allows XSS via the column alignment feature.

angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting (XSS) vulnerability.

GZ Multi Hotel Booking System version 1.8 suffers from a cross site scripting vulnerability.

GZ E Learning Platform version 1.8 suffers from a cross site scripting vulnerability.

CRM Platform version 1.8 suffers from a cross site scripting vulnerability.

GZ Forum Script version 1.8 suffers from a cross site scripting vulnerability.

GZ Hotel Booking Script version 1.8 suffers from a cross site scripting vulnerability.

Ticket Booking Script version 1.8 suffers from a cross site scripting vulnerability.