CWE-79

The GiveWP WordPress plugin before 2.17.3 does not escape the json parameter before outputting it back in an attribute in the Import admin dashboard, leading to a Reflected Cross-Site Scripting

livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.2.7.

Cross-site Scripting (XSS) – Stored in Packagist pimcore/pimcore prior to 10.2.7.