A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.

OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users.

Lepton-CMS 4.7.0 is affected by cross-site scripting (XSS). An attacker can inject the XSS payload in the URL field of the admin page and each time an admin visits the Menu-Pages-Pages Overview section, the XSS will be triggered.

Online Birth Certificate System Project V 1.0 is affected by cross-site scripting (XSS). This vulnerability can result in an attacker injecting the XSS payload in the User Registration section. When an admin visits the View Detail of Application section from the admin panel, the attacker can able to steal the cookie according to the crafted payload.

Multiple cross-site scripting (XSS) vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in Papermerge, a malicious document can be sent by email and is automatically uploaded into the Papermerge web application. Therefore, no authentication is required to exploit XSS if email consumption is configured. Otherwise authentication is required.

ThinkAdmin version v1 v6 has a stored XSS vulnerability which allows remote attackers to inject an arbitrary web script or HTML.

The EventON plugin through 3.0.5 for WordPress allows addons/?q= XSS via the search field.

In NetArt News Lister 1.0.0, the news headlines vulnerable to stored xss attacks. Attackers can inject codes in news titles.

In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.

In Ericsson BSCS iX R18 Billing & Rating iX R18, ADMX is a web base module in BSCS iX that is vulnerable to stored XSS via the name or description field to a solutionUnitServlet?SuName=UserReferenceDataSU Access Rights Group. In most test cases, session hijacking was also possible by utilizing the XSS vulnerability. This potentially allows for full account takeover, or exploiting admins' browsers by using the beef framework.

In Ericsson BSCS iX R18 Billing & Rating iX R18, MX is a web base module in BSCS iX that is vulnerable to stored XSS via an Alert Dashboard comment. In most test cases, session hijacking was also possible by utilizing the XSS vulnerability. This potentially allows for full account takeover, or exploiting admins' browsers by using the beef framework.

jsp/upload.jsp in Coremail XT 5.0 allows XSS via an uploaded personal signature, as demonstrated by a .jpg.html filename in the signImgFile parameter.

Intelbras TIP200 60.61.75.15, TIP200LITE 60.61.75.15, and TIP300 65.61.75.15 devices allow /cgi-bin/cgiServer.exx?page= XSS.

osCommerce 2.3.4.1 has XSS vulnerability via the authenticated user entering the XSS payload into the title section of newsletters.

An XSS issue was found in the Shares feature of LiquidFiles before 3.3.19. The issue arises from the insecure rendering of HTML files uploaded to the platform as attachments, when the -htmlview URL is directly accessed. The impact ranges from executing commands as root on the server to retrieving sensitive information about encrypted e-mails, depending on the permissions of the target user.

HRSALE 2.0.0 allows XSS via the admin/project/projects_calendar set_date parameter.

The PollNY extension for MediaWiki through 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll.

includes/CologneBlueTemplate.php in the CologneBlue skin for MediaWiki through 1.35 allows XSS via a qbfind message supplied by an administrator.

There is a Stored XSS in Magicpin v2.1 in the User Registration section. Each time an admin visits the manage user section from the admin panel, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload.

Scratch Addons is a WebExtension that supports both Chrome and Firefox. Scratch Addons before version 1.3.2 is vulnerable to DOM-based XSS. If the victim visited a specific website, the More Links addon of the Scratch Addons extension used incorrect regular expression which caused the HTML-escaped values to be unescaped, leading to XSS. Scratch Addons version 1.3.2 fixes the bug. The extension will be automatically updated by the browser. More Links addon can be disabled via the option of the extension.