| 38649 | Atmail WebMail <= 5.6.0 (5.60) Email Body Injection | medium |
| 38208 | Apache Struts 2 s:a / s:url Tag href Element XSS | low |
| 38199 | BlackBerry Enterprise Server MDS Connection Service XSS | medium |
| 36184 | Atlassian JIRA < 3.13.3 DWR 'c0-id' XSS | medium |
| 36072 | SAP DB / MaxDB WebDBM Multiple Parameter XSS | medium |
| 35806 | Tomcat Sample App cal2.jsp 'time' Parameter XSS | medium |
| 35726 | Novell GroupWise < 7.03HP2 / 8.0HP1 WebAccess Multiple XSS | medium |
| 35611 | ESET Remote Administrator < 3.0.105 Additional Report Settings XSS | medium |
| 35556 | Mono ASP.NET action Attribute XSS | medium |
| 35452 | Apache Jackrabbit 'q' Parameter XSS | medium |
| 35299 | Apache Roller q Parameter XSS | medium |
| 35281 | IceWarp Merak Mail Server < 9.4.0 IMG Tag XSS | medium |
| 35258 | Kerio MailServer < 6.6.2 Multiple XSS (KSEC-2008-12-16-01) | medium |
| 34994 | WordPress wp-includes/feed.php self_link() Function Host Header RSS Feed XSS | medium |
| 34849 | MDaemon WorldClient < 10.0.2 Email Handling XSS | medium |
| 34694 | HP System Management Homepage < 2.1.15.210 Unspecified XSS | medium |
| 34336 | MailMarshal Spam Quarantine Management (SQM) Multiple Component XSS | low |
| 33947 | CiscoWorks Server Common Services Login Page XSS | medium |
| 33945 | Cisco Secure Access Control Server (ACS) CSUserCGI.exe Help Facility XSS | medium |
| 33928 | MS Site Server < 3.0 formslogin.asp url Parameter XSS | medium |
| 33548 | HP System Management Homepage < 2.1.12 Unspecified XSS | medium |
| 33279 | CGIWrap Charset Specification Weakness Error Message XSS | medium |
| 33273 | Resin viewfile Servlet file Parameter XSS | medium |
| 33220 | Adobe Flex 3 History Management historyFrame.html XSS | medium |
| 33219 | Lyris ListManager read/search/results words Parameter XSS | medium |
| 32506 | dotCMS search-results.dot search_query Parameter XSS | medium |
| 32480 | Xerox DocuShare dsweb Servlet Multiple XSS | medium |
| 32434 | Barracuda Spam Firewall cgi-bin/ldap_test.cgi email Parameter XSS | medium |
| 32319 | Django Administration Application Login Form XSS | medium |
| 32136 | Sun Java System Web Server Search Module XSS | medium |
| 31787 | SmarterMail Subject Field XSS | medium |
| 31133 | OSSIM Framework session/login.php dest Parameter XSS | medium |
| 31120 | BEA Plumtree portal/server.pt name Parameter XSS | medium |
| 31117 | ProjectPier index.php Multiple Parameter XSS | medium |
| 30217 | F5 BIG-IP Web Management Multiple XSS | medium |
| 29926 | Sun Java System Identity Manager Multiple XSS | medium |
| 29895 | IceWarp Mail Server admin/index.html message Parameter XSS | medium |
| 29834 | Atlassian JIRA 500page.jsp XSS | medium |
| 29306 | Websense Reporting Tools WsCgiLogin.exe username Parameter XSS | medium |
| 29225 | NetScaler Web Management ws/generic_api_call.pl standalone Parameter XSS | medium |
| 29219 | Mort Bay Jetty Dump Servlet (webapps/test/jsp/dump.jsp) XSS | medium |
| 28334 | ht://dig htsearch sort Parameter XSS | medium |
| 27818 | ManageEngine OpManager Login.do Multiple Parameter XSS | medium |
| 26927 | GForge account/verify.php confirm_hash Parameter XSS | medium |
| 26196 | Google Mini Search Appliance search Script ie Parameter XSS | medium |
| 26070 | Apache Tomcat Sample App cal2.jsp 'time' Parameter XSS (CVE-2006-7196) | medium |
| 26069 | IceWarp Merak Mail Server < 9.0.0 BODY Element XSS | medium |
| 25995 | Apache Tomcat SendMailServlet sendmail.jsp 'mailfrom' Parameter XSS | medium |
| 25823 | Joomla! com_content Component 'order' Parameter XSS | medium |
| 25553 | FuseTalk Multiple Script XSS | medium |
