Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbit...

The RESTful Web Services (restws) module 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.1 for Drupal does not properly restrict access to entity write operations, which makes it easier for remote aut...

Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book

Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a maliciou...

Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based attacks.

Microsoft SharePoint Server allows an elevation of privilege vulnerability due to the way that it sanitizes a specially crafted web request to an affected SharePoint server, aka "SharePoint Server XSS...