Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2019-10-09 CVE-2019-0047 Cross-site Scripting vulnerability in Juniper Junos
A persistent Cross-Site Scripting (XSS) vulnerability in Junos OS J-Web interface may allow remote unauthenticated attackers to perform administrative actions on the Junos device.
network
juniper CWE-79
4.3
4.3
2019-10-09 CVE-2019-17092 Cross-site Scripting vulnerability in Openproject
An XSS vulnerability in project list in OpenProject before 9.0.4 and 10.x before 10.0.2 allows remote attackers to inject arbitrary web script or HTML via the sortBy parameter because error messages are mishandled.
network
low complexity
openproject CWE-79
6.1
6.1
2019-10-09 CVE-2019-17385 Cross-site Scripting vulnerability in Eleopard Animate It!
The animate-it plugin before 2.3.5 for WordPress has XSS.
network
eleopard CWE-79
4.3
4.3
2019-10-09 CVE-2019-17384 Cross-site Scripting vulnerability in Eleopard Animate It!
The animate-it plugin before 2.3.4 for WordPress has XSS.
network
eleopard CWE-79
4.3
4.3
2019-10-09 CVE-2019-17380 Cross-site Scripting vulnerability in Cpanel
cPanel before 82.0.15 allows self XSS in the WHM Update Preferences interface (SEC-528).
network
cpanel CWE-79
4.3
4.3
2019-10-09 CVE-2019-17379 Cross-site Scripting vulnerability in Cpanel
cPanel before 82.0.15 allows self stored XSS in the WHM SSL Storage Manager interface (SEC-527).
network
cpanel CWE-79
4.3
4.3
2019-10-09 CVE-2019-17378 Cross-site Scripting vulnerability in Cpanel
cPanel before 82.0.15 allows self XSS in the SSL Key Delete interface (SEC-526).
network
cpanel CWE-79
4.3
4.3
2019-10-09 CVE-2019-17377 Cross-site Scripting vulnerability in Cpanel
cPanel before 82.0.15 allows self XSS in LiveAPI example scripts (SEC-524).
network
cpanel CWE-79
4.3
4.3
2019-10-09 CVE-2019-17376 Cross-site Scripting vulnerability in Cpanel
cPanel before 82.0.15 allows self XSS in the SSL Certificate Upload interface (SEC-521).
network
cpanel CWE-79
4.3
4.3
2019-10-09 CVE-2019-11212 Cross-site Scripting vulnerability in Tibco Master Data Management
The MDM server component of TIBCO Software Inc's TIBCO MDM contains multiple vulnerabilities that theoretically allow an authenticated user with specific roles to perform cross-site scripting (XSS) attacks.
network
tibco CWE-79
3.5
3.5