A vulnerability in the error notification messages of the web application of ctrlX OS allows a remote unauthenticated attacker to inject arbitrary HTML tags and, possibly, execute arbitrary client-sid...

Attackers can craft a malicious link that once clicked will execute arbitrary JavaScript in the context of the Journyx web application.

Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malic...

A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Key...

Missing output sanitization in default RouteNotFoundError view in com.vaadin:flow-server versions 1.0.0 through 1.0.10 (Vaadin 10.0.0 through 10.0.13), and 1.1.0 through 1.4.2 (Vaadin 11.0.0 through 1...

Improper Neutralization of Script in an Error Message Web Page vulnerability in OpenText™ Service Manager. The vulnerability could reveal sensitive information retained by the browser. This issue affe...