| 39590 | Sun Java Web Console helpwindow.jsp / masthead.jsp Multiple XSS | medium |
| 39538 | Movable Type mt-wizard.cgi set_static_uri_to Parameter XSS | medium |
| 39466 | CGI Generic XSS (quick test) | medium |
| 39354 | Kerio MailServer < 6.6.2 Patch 3 / 6.7.0 Patch 1 XSS (KSEC-2009-06-08-01) | medium |
| 39331 | Joomla! < 1.5.11 JA_Purity Template Multiple XSS | medium |
| 38928 | DNN (DotNetNuke) ErrorPage.aspx XSS | medium |
| 38927 | Novell GroupWise WebAccess Login Page User.lang Parameter XSS | medium |
| 38913 | Sun Java System Calendar Server login.wcap Fmt-out Parameter XSS | medium |
| 38911 | AXIGEN Webmail < 7.1.0 HTML Body Script Insertion | medium |
| 38793 | SquirrelMail contrib/decrypt_headers.php XSS | medium |
| 38733 | Project Woodstock 404 Error Page UTF-7 Encoded XSS | medium |
| 38650 | Atmail WebMail <= 5.6.1 (5.61) webadmin/admin.php Multiple Parameter XSS | medium |
| 38649 | Atmail WebMail <= 5.6.0 (5.60) Email Body Injection | medium |
| 38208 | Apache Struts 2 s:a / s:url Tag href Element XSS | low |
| 38199 | BlackBerry Enterprise Server MDS Connection Service XSS | medium |
| 36184 | Atlassian JIRA < 3.13.3 DWR 'c0-id' XSS | medium |
| 36072 | SAP DB / MaxDB WebDBM Multiple Parameter XSS | medium |
| 35806 | Tomcat Sample App cal2.jsp 'time' Parameter XSS | medium |
| 35726 | Novell GroupWise < 7.03HP2 / 8.0HP1 WebAccess Multiple XSS | medium |
| 35611 | ESET Remote Administrator < 3.0.105 Additional Report Settings XSS | medium |
| 35556 | Mono ASP.NET action Attribute XSS | medium |
| 35452 | Apache Jackrabbit 'q' Parameter XSS | medium |
| 35299 | Apache Roller q Parameter XSS | medium |
| 35281 | IceWarp Merak Mail Server < 9.4.0 IMG Tag XSS | medium |
| 35258 | Kerio MailServer < 6.6.2 Multiple XSS (KSEC-2008-12-16-01) | medium |
| 34994 | WordPress wp-includes/feed.php self_link() Function Host Header RSS Feed XSS | medium |
| 34849 | MDaemon WorldClient < 10.0.2 Email Handling XSS | medium |
| 34694 | HP System Management Homepage < 2.1.15.210 Unspecified XSS | medium |
| 34336 | MailMarshal Spam Quarantine Management (SQM) Multiple Component XSS | low |
| 33947 | CiscoWorks Server Common Services Login Page XSS | medium |
| 33945 | Cisco Secure Access Control Server (ACS) CSUserCGI.exe Help Facility XSS | medium |
| 33928 | MS Site Server < 3.0 formslogin.asp url Parameter XSS | medium |
| 33548 | HP System Management Homepage < 2.1.12 Unspecified XSS | medium |
| 33279 | CGIWrap Charset Specification Weakness Error Message XSS | medium |
| 33273 | Resin viewfile Servlet file Parameter XSS | medium |
| 33220 | Adobe Flex 3 History Management historyFrame.html XSS | medium |
| 33219 | Lyris ListManager read/search/results words Parameter XSS | medium |
| 32506 | dotCMS search-results.dot search_query Parameter XSS | medium |
| 32480 | Xerox DocuShare dsweb Servlet Multiple XSS | medium |
| 32434 | Barracuda Spam Firewall cgi-bin/ldap_test.cgi email Parameter XSS | medium |
| 32319 | Django Administration Application Login Form XSS | medium |
| 32136 | Sun Java System Web Server Search Module XSS | medium |
| 31787 | SmarterMail Subject Field XSS | medium |
| 31133 | OSSIM Framework session/login.php dest Parameter XSS | medium |
| 31120 | BEA Plumtree portal/server.pt name Parameter XSS | medium |
| 31117 | ProjectPier index.php Multiple Parameter XSS | medium |
| 30217 | F5 BIG-IP Web Management Multiple XSS | medium |
| 29926 | Sun Java System Identity Manager Multiple XSS | medium |
| 29895 | IceWarp Mail Server admin/index.html message Parameter XSS | medium |
| 29834 | Atlassian JIRA 500page.jsp XSS | medium |
