Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-19 | CVE-2019-18209 | Cross-site Scripting vulnerability in Etherpad 1.7.5 templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as demonstrated by Internet Explorer. | 4.3 |
2019-10-18 | CVE-2019-4409 | Cross-site Scripting vulnerability in Hcltech Traveler HCL Traveler versions 9.x and earlier are susceptible to cross-site scripting attacks. | 3.5 |
2019-10-18 | CVE-2019-17207 | Cross-site Scripting vulnerability in Managewp Broken Link Checker A reflected XSS vulnerability was found in includes/admin/table-printer.php in the broken-link-checker (aka Broken Link Checker) plugin 1.11.8 for WordPress. | 3.5 |
2019-10-17 | CVE-2019-8160 | Cross-site Scripting vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a cross-site scripting vulnerability. | 4.3 |
2019-10-17 | CVE-2019-17120 | Cross-site Scripting vulnerability in Wikidsystems 2FA Enterprise Server A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/adm_usrs.jsp. | 4.3 |
2019-10-17 | CVE-2019-17116 | Cross-site Scripting vulnerability in Wikidsystems TWO Factor Authentication Enterprise Server A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. | 4.3 |
2019-10-17 | CVE-2019-17115 | Cross-site Scripting vulnerability in Wikidsystems TWO Factor Authentication Enterprise Server Multiple cross-site scripting (XSS) vulnerabilities in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML that is triggered when Logs.jsp is visited. | 4.3 |
2019-10-17 | CVE-2019-17114 | Cross-site Scripting vulnerability in Wikidsystems TWO Factor Authentication Enterprise Server A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allows remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/userPreregistration.jsp. | 4.3 |
2019-10-17 | CVE-2019-16330 | Cross-site Scripting vulnerability in Nchsoftware Express Accounts Accounting 7.02 In NCH Express Accounts Accounting v7.02, persistent cross site scripting (XSS) exists in Invoices/Sales Orders/Items/Customers/Quotes input field. | 3.5 |
2019-10-17 | CVE-2019-17674 | Cross-site Scripting vulnerability in multiple products WordPress before 5.2.4 is vulnerable to stored XSS (cross-site scripting) via the Customizer. | 5.4 |