Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2019-10-10 CVE-2019-17493 Cross-site Scripting vulnerability in Jnoj Jiangnan Online Judge 0.8.0
Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[sample_input] parameter to web/admin/problem/create or web/polygon/problem/update.
network
jnoj CWE-79
4.3
4.3
2019-10-10 CVE-2019-17491 Cross-site Scripting vulnerability in Jnoj Jiangnan Online Judge 0.8.0
Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[description] parameter to web/admin/problem/create or web/polygon/problem/update.
network
jnoj CWE-79
4.3
4.3
2019-10-10 CVE-2019-17489 Cross-site Scripting vulnerability in Jnoj Jiangnan Online Judge 0.8.0
Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[title] parameter to web/polygon/problem/create or web/polygon/problem/update or web/admin/problem/create.
network
jnoj CWE-79
4.3
4.3
2019-10-10 CVE-2019-17488 Cross-site Scripting vulnerability in B3Log Symphony
b3log Symphony (aka Sym) before 3.6.0 has XSS via the HTTP User-Agent header.
network
b3log CWE-79
4.3
4.3
2019-10-10 CVE-2015-9478 Cross-site Scripting vulnerability in No-Margin-For-Error Prettyphoto
prettyPhoto before 3.1.6 has js/jquery.prettyPhoto.js XSS. 		4.3
4.3
2019-10-10 CVE-2015-9472 Cross-site Scripting vulnerability in Monitorbacklinks Incoming Links
The incoming-links plugin before 0.9.10b for WordPress has referrers.php XSS via the Referer HTTP header. 		4.3
4.3
2019-10-10 CVE-2015-9469 Cross-site Scripting vulnerability in Cybercraftit Content-Grabber 1.0
The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id. 		3.5
3.5
2019-10-10 CVE-2015-9468 Cross-site Scripting vulnerability in K-78 Broken Link Manager 0.4.5
The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action.
network
k-78 CWE-79
4.3
4.3
2019-10-10 CVE-2015-9459 Cross-site Scripting vulnerability in SEO Searchterms Tagging 2 Project SEO Searchterms Tagging 2
The searchterms-tagging-2 plugin through 1.535 for WordPress has XSS via the wp-admin/options-general.php count parameter. 		4.3
4.3
2019-10-10 CVE-2019-1375 Cross-site Scripting vulnerability in Microsoft Dynamics 365
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.
network
microsoft CWE-79
3.5
3.5