#xss

ZKTeco Xiamen Information Technology ZKBio Time 8.0.7 Build: 20220721.14829 was discovered to contain a CSV injection vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload injected into the Content text field of the Add New Message module.

DGIOT Lightweight industrial IoT v4.5.4 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.

kkFileView v4.1.0 is vulnerable to Cross Site Scripting (XSS) via the parameter 'errorMsg.'

dutchcoders Transfer.sh 1.4.0 is vulnerable to Cross Site Scripting (XSS).

Bus Pass Management System version 1.0 suffers from a cross site scripting vulnerability.

Joomla EDocman extension version 1.23.3 suffers from a cross site scripting vulnerability.

Online Examination System version 1.0 suffers from a cross site scripting vulnerability.

A zip slip vulnerability in the file upload function of Chamilo v1.11 allows attackers to execute arbitrary code via a crafted Zip file.

FeehiCMS v2.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted payload injected into the Comment box under the Single Page module.

Bugs in Canon Medical's Virea View could allow cyberattackers to access several sources of sensitive patient data.