Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-05 | CVE-2019-8092 | Cross-site Scripting vulnerability in Magento A reflected cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 3.5 |
| 2019-11-05 | CVE-2019-6142 | Cross-site Scripting vulnerability in Forcepoint Email Security and Security Manager It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. | 6.1 |
| 2019-11-05 | CVE-2011-1135 | Cross-site Scripting vulnerability in S9Y Serendipity Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in plugins/ExtendedFileManager/manager.php and plugins/ImageManager/manager.php. | 4.3 |
| 2019-11-05 | CVE-2011-1133 | Cross-site Scripting vulnerability in S9Y Serendipity Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code via plugins/ExtendedFileManager/backend.php. | 4.3 |
| 2019-11-05 | CVE-2010-3674 | Cross-site Scripting vulnerability in multiple products TYPO3 before 4.4.1 allows XSS in the frontend search box. | 4.3 |
| 2019-11-05 | CVE-2010-3672 | Cross-site Scripting vulnerability in Typo3 TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase extension. | 4.3 |
| 2019-11-05 | CVE-2013-4107 | Cross-site Scripting vulnerability in Cryptocat Project Cryptocat Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting | 4.3 |
| 2019-11-04 | CVE-2010-3669 | Cross-site Scripting vulnerability in Typo3 TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS and Open Redirection in the frontend login box. | 4.9 |
| 2019-11-04 | CVE-2010-3665 | Cross-site Scripting vulnerability in Typo3 TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the Extension Manager. | 3.5 |
| 2019-11-04 | CVE-2014-3649 | Cross-site Scripting vulnerability in Redhat Jboss Aerogear 20140919 JBoss AeroGear has reflected XSS via the password field | 4.3 |