Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-23 | CVE-2019-10846 | Cross-site Scripting vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter. | 4.3 |
2019-05-23 | CVE-2018-19614 | Cross-site Scripting vulnerability in Westermo Dr-250 Firmware, Dr-260 Firmware and Mr-260 Firmware XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers. | 4.3 |
2019-05-23 | CVE-2017-11560 | Cross-site Scripting vulnerability in Zohocorp Manageengine Opmanager 12.2 An issue was discovered in ZOHO ManageEngine OpManager 12.2. | 3.5 |
2019-05-23 | CVE-2017-13668 | Cross-site Scripting vulnerability in Open-Xchange Appsuite OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). | 3.5 |
2019-05-23 | CVE-2017-11739 | Cross-site Scripting vulnerability in Zohocorp Manageengine Applications Manager 13.1 In Zoho ManageEngine Application Manager 13.1 Build 13100, an authenticated user, with administrative privileges, has the ability to add a widget on any dashboard. | 4.3 |
2019-05-23 | CVE-2017-5213 | Cross-site Scripting vulnerability in Open-Xchange Appsuite Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS). | 4.3 |
2019-05-23 | CVE-2017-17061 | Cross-site Scripting vulnerability in Open-Xchange Appsuite OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). | 3.5 |
2019-05-23 | CVE-2017-15030 | Cross-site Scripting vulnerability in Open-Xchange Appsuite Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). | 4.3 |
2019-05-22 | CVE-2018-7834 | Cross-site Scripting vulnerability in Schneider-Electric Tsxetg100 Firmware A CWE-79 Cross-Site Scripting vulnerability exists in all versions of the TSXETG100 allowing an attacker to send a specially crafted URL with an embedded script to a user that would then be executed within the context of that user. | 4.3 |
2019-05-22 | CVE-2018-7827 | Cross-site Scripting vulnerability in Schneider-Electric products A Cross-Site Scripting (XSS) vulnerability exists in the 1st Gen. | 3.5 |