Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-20 | CVE-2019-10078 | Cross-site Scripting vulnerability in Apache Jspwiki A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. | 6.1 |
2019-05-20 | CVE-2019-10077 | Cross-site Scripting vulnerability in Apache Jspwiki A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. | 6.1 |
2019-05-20 | CVE-2019-10076 | Cross-site Scripting vulnerability in Apache Jspwiki A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. | 6.1 |
2019-05-20 | CVE-2019-4011 | Cross-site Scripting vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. | 5.4 |
2019-05-20 | CVE-2019-11809 | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.6. | 4.3 |
2019-05-19 | CVE-2019-12184 | Cross-site Scripting vulnerability in Boostio Boostnote 0.11.15 There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136. | 3.5 |
2019-05-17 | CVE-2019-5947 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Cabinet'. | 3.5 |
2019-05-17 | CVE-2019-5940 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Scheduler'. | 4.3 |
2019-05-17 | CVE-2019-5939 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Portal'. | 4.3 |
2019-05-17 | CVE-2019-5938 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Mail'. | 4.3 |