Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2019-05-23 CVE-2019-10846 Cross-site Scripting vulnerability in Computrols Building Automation Software
Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter.
network
computrols CWE-79
4.3
4.3
2019-05-23 CVE-2018-19614 Cross-site Scripting vulnerability in Westermo Dr-250 Firmware, Dr-260 Firmware and Mr-260 Firmware
XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers.
network
westermo CWE-79
4.3
4.3
2019-05-23 CVE-2017-11560 Cross-site Scripting vulnerability in Zohocorp Manageengine Opmanager 12.2
An issue was discovered in ZOHO ManageEngine OpManager 12.2.
network
zohocorp CWE-79
3.5
3.5
2019-05-23 CVE-2017-13668 Cross-site Scripting vulnerability in Open-Xchange Appsuite
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). 		3.5
3.5
2019-05-23 CVE-2017-11739 Cross-site Scripting vulnerability in Zohocorp Manageengine Applications Manager 13.1
In Zoho ManageEngine Application Manager 13.1 Build 13100, an authenticated user, with administrative privileges, has the ability to add a widget on any dashboard.
network
zohocorp CWE-79
4.3
4.3
2019-05-23 CVE-2017-5213 Cross-site Scripting vulnerability in Open-Xchange Appsuite
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS). 		4.3
4.3
2019-05-23 CVE-2017-17061 Cross-site Scripting vulnerability in Open-Xchange Appsuite
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). 		3.5
3.5
2019-05-23 CVE-2017-15030 Cross-site Scripting vulnerability in Open-Xchange Appsuite
Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). 		4.3
4.3
2019-05-22 CVE-2018-7834 Cross-site Scripting vulnerability in Schneider-Electric Tsxetg100 Firmware
A CWE-79 Cross-Site Scripting vulnerability exists in all versions of the TSXETG100 allowing an attacker to send a specially crafted URL with an embedded script to a user that would then be executed within the context of that user. 		4.3
4.3
2019-05-22 CVE-2018-7827 Cross-site Scripting vulnerability in Schneider-Electric products
A Cross-Site Scripting (XSS) vulnerability exists in the 1st Gen. 		3.5
3.5