#xss

Online Birth Certificate Management System version 1.0 suffers from a cross site scripting vulnerability.

Online Birth Certificate Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

The package express-xss-sanitizer before 1.1.3 is vulnerable to Prototype Pollution via the `allowedTags` attribute, allowing the attacker to bypass xss sanitization.

Centreon v20.10.18 was discovered to contain a cross-site scripting (XSS) vulnerability via the `esc_name` (Escalation Name) parameter at `Configuration/Notifications/Escalations`. This vulnerability allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload. Versions 21.04.16, 21.10.8, and 22.04.2 contain patches.

Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting (XSS), allowing attackers to register as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields.

Centreon v20.10.18 was discovered to contain a cross-site scripting (XSS) vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations. This vulnerability allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload.

WordPress Forym plugin version 1.5.7 suffers from a cross site scripting vulnerability.

WordPress Sabai Discuss plugin version 1.4.13 suffers from a cross site scripting vulnerability.

WooCommerce plugin BRW Booking Rental version 1.3.1 from Ovatheme suffers from a cross site scripting vulnerability.

Active eCommerce CMS version 6.3.0 suffers from a cross site scripting vulnerability.