Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-02 | CVE-2019-4542 | Cross-site Scripting vulnerability in IBM Security Directory Server 6.4.0 IBM Security Directory Server 6.4.0 is vulnerable to cross-site scripting. | 6.1 |
| 2019-10-02 | CVE-2019-17091 | Cross-site Scripting vulnerability in multiple products faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled. | 4.3 |
| 2019-10-01 | CVE-2019-8290 | Cross-site Scripting vulnerability in Online Store System Project Online Store System 1.0 Vulnerability in Online Store v1.0, The registration form requirements for the member email format can be bypassed by posting directly to sent_register.php allowing special characters to be included and an XSS payload to be injected. | 4.3 |
| 2019-10-01 | CVE-2019-8289 | Cross-site Scripting vulnerability in Online Store System Project Online Store System 1.0 Vulnerability in Online Store v1.0, stored XSS in admin/user_view.php adidas_member_email variable | 3.5 |
| 2019-10-01 | CVE-2019-8288 | Cross-site Scripting vulnerability in Online Store System Project Online Store System 1.0 Vulnerability in Online Store v1.0, Stored XSS in user_view.php where adidas_member_user variable is not sanitized. | 3.5 |
| 2019-10-01 | CVE-2019-17074 | Cross-site Scripting vulnerability in Xunruicms 4.3.1 An issue was discovered in XunRuiCMS 4.3.1. | 3.5 |
| 2019-10-01 | CVE-2019-14961 | Cross-site Scripting vulnerability in Jetbrains Upsource JetBrains Upsource before 2019.1.1412 was not properly escaping HTML tags in a code block comments, leading to XSS. | 4.3 |
| 2019-10-01 | CVE-2019-14953 | Cross-site Scripting vulnerability in Jetbrains Youtrack JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser. | 4.3 |
| 2019-10-01 | CVE-2019-4497 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-10-01 | CVE-2019-4495 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. | 5.4 |