CWE-79

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the web_exec parameter at /apply.cgi.

Cross-site Scripting (XSS) – DOM in GitHub repository openemr/openemr prior to 7.0.0.1.

A stored cross-site scripting (XSS) vulnerability in PHProjekt PhpSimplyGest v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a project title.

Cross-site Scripting (XSS) – Reflected in GitHub repository openemr/openemr prior to 7.0.0.1.

Cross-site Scripting (XSS) – Reflected in GitHub repository openemr/openemr prior to 7.0.0.1.

A cross-site scripting (XSS) vulnerability in /public/admin/index.php?add_product of E-Commerce Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Title text field.