DNN (formerly DotNetNuke) 9.1.1 allows cross-site scripting (XSS) via XML.
CWE-79
CVE-2018-14493
Cross-site scripting (XSS) vulnerability in the Groups Page in Open-Audit Community 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the group name.
CVE-2018-14497
Tenda D152 ADSL routers allow XSS via a crafted SSID.
CVE-2018-14499
An issue was found in HYBBS through 2016-03-08. There is an XSS vulnerablity via an article title to post.html.
CVE-2018-14500
joyplus-cms 1.6.0 has XSS via the manager/collect/collect_vod_zhuiju.php keyword parameter.
CVE-2018-14503
Cross-site scripting (XSS) vulnerability in intervalCheck.jsp in Coremail XT 3.0 allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
