CraftedWeb through 2013-09-24 has reflected XSS via the p parameter.

An issue was discovered in Mayan EDMS before 3.0.3. The Tags app has XSS because tag label values are mishandled.

An issue was discovered in Mayan EDMS before 3.0.2. The Cabinets app has XSS via a crafted cabinet label.

An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app sets window.location directly, leading to XSS.

Ogma CMS 0.4 Beta has XSS via the "Footer Text footer" field on the "Theme/Theme Options" screen.

Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings.

The issue was discovered in IdeaCMS through 2016-04-30. There is reflected XSS via the index.php?c=content&a=search kw parameter. NOTE: this product is discontinued.

PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=User_group&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=.

A cross-site scripting (XSS) vulnerability in inc/core/class.dc.core.php in the media manager in Dotclear through 2.14.1 allows remote authenticated users to upload HTML content containing an XSS payload with the file extension .ahtml.

WUZHI CMS 4.1.0 has XSS via the index.php?m=core&f=set&v=basic form[statcode] parameter.

WUZHI CMS 4.1.0 has XSS via the index.php?m=link&f=index&v=add form[remark] parameter.

SeaCMS V6.61 has XSS via the admin_video.php v_content parameter, related to the site name.

An issue was discovered in Gleez CMS v1.2.0. There is XSS via media/imagecache/resize.

ChemCMS 1.0.6 has XSS via the "setting -> website information" field.

ShowDoc v1.8.0 has XSS via a new page.

Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element.

There is Stored XSS in Subrion 4.2.1 via the admin panel URL configuration.

There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field.

In IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ username field.

Bludit 2.3.4 allows XSS via a user name.