MyBB before 1.8.25 allows stored XSS via nested [email] tags with MyCode (aka BBCode). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
A stored XSS issue exists in Appspace 6.2.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Contact page in Monica 2.19.1 allows stored XSS via the Nickname field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Contact page in Monica 2.19.1 allows stored XSS via the Description field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Contact page in Monica 2.19.1 allows stored XSS via the Last Name field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Contact page in Monica 2.19.1 allows stored XSS via the Middle Name field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Contact page in Monica 2.19.1 allows stored XSS via the First Name field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Genymotion Desktop through 3.2.0 leaks the host's clipboard data to the Android application by default. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
url-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.