#xss

Cross-site Scripting (XSS) - Stored in GitHub repository pkp/ojs prior to 3.3.0-16.

Cross-site Scripting (XSS) - Reflected in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

Cross-site Scripting (XSS) - DOM in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

An issue was discovered in Virtualmin 7.7. The Cloudmin Services Client under System Settings allows XSS.

An issue was discovered in Virtualmin 7.7. The Custom Fields feature of Edit Virtual Server under System Customization allows XSS.

An issue was discovered in Virtualmin 7.7. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Account Plans tab of System Settings via the Plan Name field. Whenever the module is accessed, the XSS payload is executed.

An issue was discovered in Virtualmin 7.7. A Stored Cross-Site Scripting (XSS) vulnerability exists in the Create Extra Administrator tab via the "Real name or description" field.

An issue was discovered in Virtualmin 7.7. The Create Virtual Server functionality allows XSS attacks against anyone who accesses the Virtual Server Summary tab.

An issue was discovered in Virtualmin 7.7. The Server Templates feature under System Settings allows XSS.