School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:126.
CWE-79
CVE-2022-30517
Mogu blog 5.2 is vulnerable to Cross Site Scripting (XSS).
CVE-2022-30519
XSS in signing form in Reprise Software RLM License Administration v14.2BL4 allows remote attacker to inject arbitrary code via password field.
CVE-2022-30349
siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting (XSS).
CVE-2022-3035
Cross-site Scripting (XSS) – Stored in GitHub repository snipe/snipe-it prior to v6.0.11.
CVE-2022-3036
The Gettext override translations WordPress plugin before 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)