Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-08 | CVE-2018-19006 | Cross-site Scripting vulnerability in Osisoft PI Vision 2017 OSIsoft PI Vision, versions PI Vision 2017, and PI Vision 2017 R2, The application contains a cross-site scripting vulnerability where displays that reference AF elements and attributes containing JavaScript are affected. | 4.8 |
| 2019-04-06 | CVE-2019-10905 | Cross-site Scripting vulnerability in Parsedown Parsedown before 1.7.2, when safe mode is used and HTML markup is disabled, might allow attackers to execute arbitrary JavaScript code if a script (already running on the affected page) executes the contents of any element with a specific class. | 8.1 |
| 2019-04-06 | CVE-2019-10904 | Cross-site Scripting vulnerability in multiple products Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgi_handler.py mishandle 404 errors. | 6.1 |
| 2019-04-05 | CVE-2019-10887 | Cross-site Scripting vulnerability in Salicru Slc-20-Cube3(5) Cs121Snmp4.54.82.130611 A reflected HTML injection vulnerability on Salicru SLC-20-cube3(5) devices running firmware version cs121-SNMP v4.54.82.130611 allows remote attackers to inject arbitrary HTML elements via a /DataLog.csv?log= or /AlarmLog.csv?log= or /waitlog.cgi?name= or /chart.shtml?data= or /createlog.cgi?name= request. | 6.1 |
| 2019-04-05 | CVE-2018-20816 | Cross-site Scripting vulnerability in Salesagility Suitecrm An XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x before 7.8.24 and 7.10.x before 7.10.11 leads to cookie stealing, aka session hijacking. | 6.1 |
| 2019-04-04 | CVE-2019-1827 | Cross-site Scripting vulnerability in Cisco Rv320 Firmware and Rv325 Firmware A vulnerability in the Online Help web service of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the service. | 6.1 |
| 2019-04-03 | CVE-2018-4377 | Cross-site Scripting vulnerability in Apple products A cross-site scripting issue existed in Safari. | 6.1 |
| 2019-04-03 | CVE-2018-4374 | Cross-site Scripting vulnerability in Apple products A logic issue was addressed with improved validation. | 6.1 |
| 2019-04-03 | CVE-2018-4345 | Cross-site Scripting vulnerability in Apple products A cross-site scripting issue existed in Safari. | 6.1 |
| 2019-04-03 | CVE-2018-4309 | Cross-site Scripting vulnerability in Apple products A cross-site scripting issue existed in Safari. | 6.1 |