Multiple cross-site scripting (XSS) vulnerabilities in concrete5 before 5.7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) banned_word[] parameter to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.
Cross-site scripting (XSS) vulnerability in the administrative interface in Cisco WebEx Meetings Server 2.5 and 2.5.0.997 allows remote attackers to inject arbitrary web script or HTML via a crafted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email Security Appliance (ESA) 8.5.6-106 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Cross-site scripting (XSS) vulnerability in Cisco Access Control Server (ACS) 5.5(0.1) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuu11002. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Cross-site scripting (XSS) vulnerability in the HTTP module in Cisco Security Manager (CSM) 4.7(0)SP1(1) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Multiple cross-site scripting (XSS) vulnerabilities in dncs 7.0.0.12 in Cisco Headend Digital Broadband Delivery System allow remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Multiple cross-site scripting (XSS) vulnerabilities in concrete5 before 5.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to private messages or other. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.