
Tag

#xss

CVE-2022-32195

Open edX platform before 2022-06-06 allows XSS via the "next" parameter in the logout URL.

GHSA-wjh9-344g-vc49: Cross-site Scripting in RosarioSIS

Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0.

GHSA-f2g5-426f-353q: Cross-site Scripting in Dolibarr

Dolibarr 12.0.5 is vulnerable to Cross Site Scripting (XSS) via the SQL error page.

GHSA-xq4v-vrp9-vcf2: Cross-site Scripting vulnerability in repository issue list in Gogs

### Impact

`DisplayName` allows all the characters from users, which leads to an XSS vulnerability when directly displayed in the issue list.

### Patches

`DisplayName` is sanitized before being displayed. Users should upgrade to 0.12.9 or the latest 0.13.0+dev.

### Workarounds

Check and update the existing users' display names that contain malicious characters.

### References

N/A

### For more information

If you have any questions or comments about this advisory, please post on https://github.com/gogs/gogs/pull/7009.

CVE-2022-30875

Dolibarr 12.0.5 is vulnerable to Cross Site Scripting (XSS) via the SQL error page.

CVE-2022-30899: Cross-Site Scripting (XSS) in "/api/part_categories" · Issue #1240 · partkeepr/PartKeepr

A Cross Site Scripting vulnerability exists in PartKeepr 1.4.0 via the 'name' field in /api/part_categories.

WordPress Download Manager 3.2.42 Cross Site Scripting

WordPress Download Manager versions 3.2.42 and below suffer from a cross site scripting vulnerability.

CVE-2022-1997: Bypass filter - Stored XSS in Resources in rosariosis

Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0.

WWDC 2022: Apple showcases next-gen security tech at annual developer event

Passkeys, Safety Check, and Private Access Tokens demonstrated during week-long virtual conference

Taming the Digital Asset Tsunami

Rob Gurzeev, CEO and Co-Founder of CyCognito, explores external attack surface soft spots tied to an ever-expanding number of digital assets companies too often struggle to keep track of and manage effectively.