Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-16 | CVE-2019-15269 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 3.5 |
| 2019-10-16 | CVE-2019-15268 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 3.5 |
| 2019-10-16 | CVE-2019-12718 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. | 4.3 |
| 2019-10-16 | CVE-2019-12705 | Cross-site Scripting vulnerability in Cisco Telepresence Video Communication Server A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 4.3 |
| 2019-10-16 | CVE-2019-12703 | Cross-site Scripting vulnerability in Cisco Spa122 Firmware 1.4.1 A vulnerability in the web-based management interface of Cisco SPA122 ATA with Router Devices could allow an unauthenticated, adjacent attacker to conduct cross-site scripting attacks. | 2.9 |
| 2019-10-16 | CVE-2019-12702 | Cross-site Scripting vulnerability in Cisco Spa112 Firmware and Spa122 Firmware A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to conduct cross-site scripting attacks. | 3.5 |
| 2019-10-16 | CVE-2019-12638 | Cross-site Scripting vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web-based management interface. | 3.5 |
| 2019-10-16 | CVE-2019-12637 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web-based management interface. | 3.5 |
| 2019-10-16 | CVE-2019-17663 | Cross-site Scripting vulnerability in D-Link Dir-866L Firmware 1.03B04 D-Link DIR-866L 1.03B04 devices allow XSS via HtmlResponseMessage in the device common gateway interface, leading to common injection. | 6.1 |
| 2019-10-16 | CVE-2019-17578 | Cross-site Scripting vulnerability in Dolibarr Erp/Crm 10.0.2 An issue was discovered in Dolibarr 10.0.2. | 5.4 |