Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-03	CVE-2019-5422	Cross-site Scripting vulnerability in Buttle Project Buttle 0.2.0 XSS in buttle npm package version 0.2.0 causes execution of attacker-provided code in the victim's browser when an attacker creates an arbitrary file on the server. network low complexity buttle-project CWE-79	6.1
2019-04-03	CVE-2019-10261	Cross-site Scripting vulnerability in Centos-Webpanel Centos web Panel 0.9.8.789 CentOS Web Panel (CWP) 0.9.8.789 is vulnerable to Stored/Persistent XSS for the "Name Server 1" and "Name Server 2" fields via a "DNS Functions" "Edit Nameservers IPs" action. network low complexity centos-webpanel CWE-79	4.8
2019-04-03	CVE-2018-1913	Cross-site Scripting vulnerability in IBM Doors Next Generation 5.0/6.0/6.0.2 IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.3 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2019-04-03	CVE-2018-1731	Cross-site Scripting vulnerability in IBM Doors Next Generation 5.0/6.0/6.0.2 IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.3 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	4.8
2019-04-02	CVE-2018-18035	Cross-site Scripting vulnerability in Open-Emr Openemr A vulnerability in flashcanvas.swf in OpenEMR before 5.0.1 Patch 6 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system. network low complexity open-emr CWE-79	6.1
2019-04-01	CVE-2018-17989	Cross-site Scripting vulnerability in Dlink Dsl-3782 Firmware 1.01 A stored XSS vulnerability exists in the web interface on D-Link DSL-3782 devices with firmware 1.01 that allows authenticated attackers to inject a JavaScript or HTML payload inside the ACL page. network low complexity dlink CWE-79	5.4
2019-04-01	CVE-2019-5888	Cross-site Scripting vulnerability in Overit Geocall 6.3 Multiple XSS vulnerabilities were discovered in OverIT Geocall 6.3 before build 2:346977. network low complexity overit CWE-79	6.1
2019-04-01	CVE-2018-13293	Cross-site Scripting vulnerability in Synology Diskstation Manager Cross-site scripting (XSS) vulnerability in Control Panel SSO Settings in Synology DiskStation Manager (DSM) before 6.2.1-23824 allows remote authenticated users to inject arbitrary web script or HTML via the URL parameter. network low complexity synology CWE-79	5.4
2019-04-01	CVE-2017-16774	Cross-site Scripting vulnerability in Synology Diskstation Manager Cross-site scripting (XSS) vulnerability in SYNO.Core.PersonalNotification.Event in Synology DiskStation Manager (DSM) before 6.1.4-15217-3 allows remote authenticated users to inject arbitrary web script or HTML via the package parameter. network low complexity synology CWE-79	5.4
2019-03-30	CVE-2019-10646	Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 Wolf CMS v0.8.3.1 is affected by cross site scripting (XSS) in the module Add Snippet (/?/admin/snippet/add). network low complexity wolfcms CWE-79	6.1