Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-17 | CVE-2019-17672 | Cross-site Scripting vulnerability in multiple products WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements. | 6.1 |
2019-10-17 | CVE-2019-17667 | Cross-site Scripting vulnerability in Comtechtel H8 Heights Remote Gateway Firmware 2.5.1 Comtech H8 Heights Remote Gateway 2.5.1 devices allow XSS and HTML injection via the Site Name (aka SiteName) field. | 3.5 |
2019-10-16 | CVE-2019-17611 | Cross-site Scripting vulnerability in Hongcms Project Hongcms 3.0.0 HongCMS 3.0.0 has XSS via the install/index.php tableprefix parameter. | 4.3 |
2019-10-16 | CVE-2019-17610 | Cross-site Scripting vulnerability in Hongcms Project Hongcms 3.0.0 HongCMS 3.0.0 has XSS via the install/index.php dbpassword parameter. | 4.3 |
2019-10-16 | CVE-2019-17609 | Cross-site Scripting vulnerability in Hongcms Project Hongcms 3.0.0 HongCMS 3.0.0 has XSS via the install/index.php dbusername parameter. | 4.3 |
2019-10-16 | CVE-2019-17608 | Cross-site Scripting vulnerability in Hongcms Project Hongcms 3.0.0 HongCMS 3.0.0 has XSS via the install/index.php dbname parameter. | 4.3 |
2019-10-16 | CVE-2019-17607 | Cross-site Scripting vulnerability in Hongcms Project Hongcms 3.0.0 HongCMS 3.0.0 has XSS via the install/index.php servername parameter. | 4.3 |
2019-10-16 | CVE-2019-15281 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Software A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 3.5 |
2019-10-16 | CVE-2019-15280 | Cross-site Scripting vulnerability in Cisco Firepower Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface. | 3.5 |
2019-10-16 | CVE-2019-15270 | Cross-site Scripting vulnerability in Cisco Firepower Management Center Firmware A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 3.5 |