LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php action XSS.
CWE-79
CVE-2022-31495
LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php return_page XSS.
CVE-2022-31497
LibreHealth EHR Base 2.0.0 allows interface/main/finder/finder_navigation.php patient XSS.
CVE-2022-31498
LibreHealth EHR Base 2.0.0 allows interface/orders/patient_match_dialog.php key XSS.
CVE-2022-3135
The SEO Smart Links WordPress plugin through 3.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
CVE-2022-31358
A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/.