CVE-2023-47622: Multiple Reflected Cross-Site Scripting Vulnerabilities in IT Service Management platform iTop
Reflected XSS in Combodo iTop's render endpoint allows arbitrary JavaScript execution via multiple query parameters.
XSS
CVE-2021-41434: Stored Cross-Site Scripting Vulnerability in Expense Management System by EGavilan Media
Stored XSS in EGavilan Media's Expense Management System allows arbitrary JavaScript execution via expense description.
CVE-2021-41432: Stored Cross-Site Scripting Vulnerability in the Blog Content in FlatPress
Stored XSS vulnerability in FlatPress 1.2.1 allows arbitrary JavaScript execution via crafted post content.