Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-02 | CVE-2019-18667 | Cross-site Scripting vulnerability in Pfsense Pfsense-Pkg-Freeradius3 /usr/local/www/freeradius_view_config.php in the freeradius3 package before 0.15.7_3 for pfSense on FreeBSD allows a user with an XSS payload as password or username to execute arbitrary javascript code on a victim browser. | 4.3 |
| 2019-11-02 | CVE-2019-18664 | Cross-site Scripting vulnerability in Secudos Domos The Log module in SECUDOS DOMOS before 5.6 allows XSS. | 3.5 |
| 2019-11-01 | CVE-2013-4168 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the start and end time fields. | 4.3 |
| 2019-11-01 | CVE-2019-18654 | Cross-site Scripting vulnerability in AVG Anti-Virus 19.3.3084 A Cross Site Scripting (XSS) issue exists in AVG AntiVirus (Internet Security Edition) 19.3.3084 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript code via an SSID Name. | 6.1 |
| 2019-11-01 | CVE-2019-18653 | Cross-site Scripting vulnerability in Avast Antivirus 19.3.2369 A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere Edition) 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript code via an SSID Name. | 6.1 |
| 2019-11-01 | CVE-2013-0186 | Cross-site Scripting vulnerability in Redhat products Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2019-11-01 | CVE-2010-3660 | Cross-site Scripting vulnerability in Typo3 TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the backend. | 3.5 |
| 2019-11-01 | CVE-2005-2350 | Cross-site Scripting vulnerability in Websieve Project Websieve 0.62 Cross-site scripting (XSS) vulnerability in websieve v0.62 allows remote attackers to inject arbitrary web script or HTML code in the web user interface. | 4.3 |
| 2019-11-01 | CVE-2019-6657 | Cross-site Scripting vulnerability in F5 products On BIG-IP 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility. | 4.3 |
| 2019-11-01 | CVE-2019-18636 | Cross-site Scripting vulnerability in Jitbit .Net Forum 8.3.8 A cross-site scripting (XSS) vulnerability in Jitbit .NET Forum (aka ASP.NET forum) 8.3.8 allows remote attackers to inject arbitrary web script or HTML via the gravatar URL parameter. | 3.5 |