#firefox

XEL CMS version 1.1 suffers from a cross site request forgery vulnerability.

Strawberry version 1.1.9 suffers from a cross site scripting vulnerability.

Sisfo Sistem Informasi Akademik LMS version 1.9.3 suffers from a cross site scripting vulnerability.

Rest-Cafe and Restaurant Website CMS version 2.0.0 suffers from a cross site scripting vulnerability.

phpFK version 9.2 Beta suffers from cross site scripting and remote SQL injection vulnerabilities.

Alumni Club Management Tools version 2.2.7 suffers from a cross site scripting vulnerability.

Alumni Club Management Tools version 2.2.7 suffers from file upload and remote SQL injection vulnerabilities.

Aplikasi Sistem Informasi Kelulusan CMS version 1.0.9 suffers from a remote file inclusion vulnerability.

Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes.

An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. In Special:CheckUser, a check of the "get edits" type is vulnerable to HTML injection through the User-Agent HTTP request header.