CWE-79

Cross Site Scripting (XSS) exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via the configuration of a user account. An attacker can execute arbitrary script on an unsuspecting user’s browser.

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post.

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post comment.

In Crea8social 2018.2, there is Reflected Cross-Site Scripting via the term parameter to the /search URI.

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a User Profile.

IBOS 4.4.3 has XSS via a company full name.