CWE-79

Cross-site Scripting (XSS) – Stored in Packagist pimcore/pimcore prior to 10.3.1.

Cross-site Scripting (XSS) – Reflected in Packagist pimcore/pimcore prior to 10.3.1.

Cross-site Scripting (XSS) – Stored in Packagist remdex/livehelperchat prior to 3.93v.

The User Meta WordPress plugin before 2.4.3 does not sanitise and escape the Form Name, as well as Shared Field Labels before outputting them in the admin dashboard when editing a form, which could allow high privilege users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

Cross-site Scripting (XSS) – Reflected in Packagist microweber/microweber prior to 1.2.11.

Cross-site Scripting (XSS) – Stored in Packagist microweber/microweber prior to 1.2.11.