Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-14 | CVE-2018-1761 | Cross-site Scripting vulnerability in IBM Rational Team Concert IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to cross-site scripting. | 5.4 |
| 2019-03-14 | CVE-2018-1759 | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. | 5.4 |
| 2019-03-14 | CVE-2018-1688 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6) is vulnerable to cross-site scripting. | 5.4 |
| 2019-03-14 | CVE-2019-9765 | Cross-site Scripting vulnerability in Blog Mini Project Blog Mini 1.0 In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to app/templates/_article_comments.html. | 6.1 |
| 2019-03-13 | CVE-2019-9752 | Cross-site Scripting vulnerability in multiple products An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. | 5.4 |
| 2019-03-13 | CVE-2019-9751 | Cross-site Scripting vulnerability in Otrs An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. | 4.8 |
| 2019-03-13 | CVE-2019-6600 | Cross-site Scripting vulnerability in F5 products In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, when remote authentication is enabled for administrative users and all external users are granted the "guest" role, unsanitized values can be reflected to the client via the login page. | 6.1 |
| 2019-03-13 | CVE-2019-6599 | Cross-site Scripting vulnerability in F5 Big-Ip Access Policy Manager In BIG-IP 11.6.1-11.6.3.2 or 11.5.1-11.5.8, or Enterprise Manager 3.1.1, improper escaping of values in an undisclosed page of the configuration utility may result with an improper handling on the JSON response when it is injected by a malicious script via a remote cross-site scripting (XSS) attack. | 6.1 |
| 2019-03-13 | CVE-2019-9738 | Cross-site Scripting vulnerability in Golangtc Gopher 2.0 jimmykuu Gopher 2.0 has DOM-based XSS via vectors involving the '<EMBED SRC="data:image/svg+xml' substring. | 6.1 |
| 2019-03-13 | CVE-2019-9737 | Cross-site Scripting vulnerability in Ipandao Editor.Md 1.5.0 Editor.md 1.5.0 has DOM-based XSS via vectors involving the '<EMBED SRC="data:image/svg+xml' substring. | 6.1 |