Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-25 | CVE-2019-7608 | Cross-site Scripting vulnerability in Elastic Kibana Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. | 6.1 |
| 2019-03-25 | CVE-2018-12653 | Cross-site Scripting vulnerability in Myadrenalin Adrenalin 5.4.0 A Reflected Cross Site Scripting (XSS) vulnerability exists in Adrenalin HRMS 5.4.0. | 6.1 |
| 2019-03-25 | CVE-2018-12652 | Cross-site Scripting vulnerability in Myadrenalin Adrenalin 5.4.0 A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. | 6.1 |
| 2019-03-25 | CVE-2019-3810 | Cross-site Scripting vulnerability in Moodle A flaw was found in moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1 to 3.1.15 and earlier unsupported versions. | 6.1 |
| 2019-03-25 | CVE-2019-3808 | Cross-site Scripting vulnerability in Moodle A flaw was found in Moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1 to 3.1.15 and earlier unsupported versions. | 5.4 |
| 2019-03-25 | CVE-2019-3480 | Cross-site Scripting vulnerability in HP Arcsight Logger Mitigates a stored/reflected XSS issue in ArcSight Logger versions prior to 6.7. | 6.1 |
| 2019-03-25 | CVE-2019-10016 | Cross-site Scripting vulnerability in Gforge Advanced Server 6.4.4 GForge Advanced Server 6.4.4 allows XSS via the commonsearch.php words parameter, as demonstrated by a snippet/search/?words= substring. | 6.1 |
| 2019-03-25 | CVE-2019-10027 | Cross-site Scripting vulnerability in PHPcms PHPCMS 9.6.x through 9.6.3 has XSS via the mailbox (aka E-mail) field on the personal information screen. | 4.8 |
| 2019-03-24 | CVE-2019-10017 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.10 CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, which is reachable via an "Add a new Profile" action to the File Picker. | 5.4 |
| 2019-03-24 | CVE-2019-10010 | Cross-site Scripting vulnerability in Thephpleague Commonmark Cross-site scripting (XSS) vulnerability in the PHP League CommonMark library before 0.18.3 allows remote attackers to insert unsafe links into HTML by using double-encoded HTML entities that are not properly escaped during rendering, a different vulnerability than CVE-2018-20583. | 6.1 |