Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-12 | CVE-2019-9644 | Cross-site Scripting vulnerability in Jupyter Notebook An XSSI (cross-site inclusion) vulnerability in Jupyter Notebook before 5.7.6 allows inclusion of resources on malicious pages when visited by users who are authenticated with a Jupyter server. | 5.4 |
| 2019-03-11 | CVE-2019-1707 | Cross-site Scripting vulnerability in Cisco DNA Center A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 5.4 |
| 2019-03-11 | CVE-2019-1702 | Cross-site Scripting vulnerability in Cisco Enterprise Chat and Email 11.6(1) Multiple vulnerabilities in the web-based management interface of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. | 6.1 |
| 2019-03-11 | CVE-2019-9661 | Cross-site Scripting vulnerability in Yzmcms 5.2 Stored XSS exists in YzmCMS 5.2 via the admin/system_manage/user_config_edit.html "value" parameter, | 4.8 |
| 2019-03-11 | CVE-2019-9660 | Cross-site Scripting vulnerability in Yzmcms 5.2 Stored XSS exists in YzmCMS 5.2 via the admin/category/edit.html "catname" parameter. | 4.8 |
| 2019-03-11 | CVE-2019-9650 | Cross-site Scripting vulnerability in Upcoming Events Project Upcoming Events 1.32 An XSS issue was discovered in upcoming_events.php in the Upcoming Events plugin before 1.33 for MyBB via a crafted name for an event. | 6.1 |
| 2019-03-10 | CVE-2019-9646 | Cross-site Scripting vulnerability in Codepeople Contact Form Email The Contact Form Email plugin before 1.2.66 for WordPress allows wp-admin/admin.php item XSS, related to cp_admin_int_edition.inc.php in the "custom edition area." | 6.1 |
| 2019-03-09 | CVE-2019-9580 | Cross-site Scripting vulnerability in Stackstorm In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 2.10.3, it is possible to bypass the CORS protection mechanism via a "null" origin value, potentially leading to XSS. | 6.1 |
| 2019-03-07 | CVE-2019-8440 | Cross-site Scripting vulnerability in Dilicms 2.4.0 An issue was discovered in DiliCMS 2.4.0. | 4.8 |
| 2019-03-07 | CVE-2019-8439 | Cross-site Scripting vulnerability in Dilicms 2.4.0 An issue was discovered in DiliCMS 2.4.0. | 5.4 |