DIGISOL DG-HR3400 devices have XSS via a modified SSID when the apssid value is unchanged.
CWE-79
CVE-2018-12672
The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B) does not perform proper validation on user-supplied input and is vulnerable to cross-site scripting attacks. If proper authorization was implemented, this vulnerability could be leveraged to perform actions on behalf of another user or the administrator.
CVE-2018-12695
mao10cms 6 allows XSS via the m=bbs&a=index page.
CVE-2018-12696
mao10cms 6 allows XSS via the article page.
CVE-2018-12705
DIGISOL DG-BR4000NG devices have XSS via the SSID (it is validated only on the client side).
CVE-2018-12711
An XSS issue was discovered in the language switcher module in Joomla! 1.6.0 through 3.8.8 before 3.8.9. In some cases, the link of the current language might contain unescaped HTML special characters. This may lead to reflective XSS via injection of arbitrary parameters and/or values on the current page URL.
