Tag

#xss

CVE-2023-39527: New possible XSS injection through Validate::isCleanHTML method

PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to cross-site scripting through the `isCleanHTML` method. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds.

CVE-2023-38045: Admiror Gallery - Joomla! Extension Directory

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in advcomsys.com oneVote component for Joomla. It allows XSS Targeting Non-Script Elements.

Debian Security Advisory 5470-1

Debian Linux Security Advisory 5470-1 - Several vulnerabilities were discovered in python-werkzeug, a collection of utilities for WSGI applications.

Social-Commerce 3.1.6 Cross Site Scripting

Social-Commerce version 3.1.6 suffers from a cross site scripting vulnerability.

mooSocial 3.1.8 Cross Site Scripting

mooSocial version 3.1.8 suffers from a cross site scripting vulnerability.

Database Compilation 1.2 Cross Site Scripting

Database Compilation CMS version 1.2 suffers from a cross site scripting vulnerability.

Cvanav-DAW CMS 0.1 Cross Site Scripting

Cvanav-DAW CMS version 0.1 suffers from a cross site scripting vulnerability.

CMS BMGI International 4.0 Cross Site Scripting

CMS BMGI International version 4.0 suffers from a cross site scripting vulnerability.

CVE-2023-0604

The WP Food Manager WordPress plugin before 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in a multisite setup).