CWE-79

Cross-site Scripting (XSS) – Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0.1.

The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element URL, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks

The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element content, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks

Cross-site Scripting (XSS) – Generic in GitHub repository kromitgmbh/titra prior to 0.77.0.

Cross-site Scripting (XSS) – DOM in GitHub repository kromitgmbh/titra prior to 0.77.0.

In Pandora FMS v7.0NG.761 and below, in the file manager section, the dirname parameter is vulnerable to a Stored Cross Site-Scripting. This vulnerability can be exploited by an attacker with administrator privileges logged in the system.