REDCap before 7.5.1 has XSS via the query string.

Missing CSRF token checks and improper input validation in Joomla! CMS 1.7.3 through 3.7.2 lead to an XSS vulnerability.

Inadequate escaping lead to XSS vulnerability in the search module in ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2. To be exploitable a user has to write or paste malicious content into the search dialogue.

ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters.

Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by the Title field of a New Entry.

Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a "Content-Type: image/svg+xml" header.

In EMC RSA Authentication Manager 8.2 SP1 and earlier, a malicious RSA Security Console Administrator could craft a token profile and store the profile name in the RSA Authentication Manager database. The profile name could include a crafted script (with an XSS payload) that could be executed when viewing or editing the assigned token profile in the token by another administrator's browser session.

Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based attacks.

Both global and Room chat are vulnerable to XSS attack in Apache OpenMeetings 3.2.0.

Linux foundation ONOS 1.9 is vulnerable to XSS in the device. registration

kittoframework kitto version 0.5.1 is vulnerable to an XSS in the 404 page resulting in information disclosure

Stored XSS vulnerabilities in chevereto CMS before version 3.8.11, one in the user profile and one in the Exif data parser.

Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for messages.

WordPress plugin Relevanssi version 3.5.7.1 is vulnerable to stored XSS resulting in attacker being able to execute JavaScript on the affected site

Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attack

LogicalDoc Community Edition 7.5.3 and prior is vulnerable to an XSS when using preview on HTML document.

MySQL Dumper version 1.24 is vulnerable to stored XSS when displaying the data in the database to the user

MyWebSQL version 3.6 is vulnerable to stored XSS in the database manager component resulting in account takeover or stealing of information

Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an XSS issue.

PHPMiniAdmin version 1.9.160630 is vulnerable to stored XSS in the name of databases, tables and columns resulting in potential account takeover and scraping of data (stealing data).