CWE-79

Cross-site Scripting (XSS) – Generic in GitHub repository erudika/para prior to v1.45.11.

Cross-site Scripting (XSS) – Reflected in GitHub repository rtxteam/rtx prior to checkpoint_2022-05-18.

Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9.

The WP Admin Style WordPress plugin through 0.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed

A vulnerability, which was classified as problematic, has been found in Zoo Management System 1.0. Affected by this issue is /zoo/admin/public_html/view_accounts?type=zookeeper of the content module. The manipulation of the argument admin_name with the input alert(1) leads to an authenticated cross site scripting. Exploit details have been disclosed to the public.

A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at /bcms/admin/?page=user/list. The manipulation of the argument username with the input

1 leads to an authenticated cross site scripting. Exploit details have been disclosed to the public.