Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-01 | CVE-2019-4494 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-10-01 | CVE-2019-14952 | Cross-site Scripting vulnerability in Jetbrains Youtrack JetBrains YouTrack versions before 2019.1.52584 had a possible XSS in the issue titles. | 4.3 |
| 2019-10-01 | CVE-2019-10432 | Cross-site Scripting vulnerability in Jenkins Html Publisher Jenkins HTML Publisher Plugin 1.20 and earlier did not escape the project and build display names in the HTML report frame, resulting in a cross-site scripting vulnerability exploitable by users able to change those. | 5.4 |
| 2019-09-30 | CVE-2019-15810 | Cross-site Scripting vulnerability in Netdisco 2.042010 Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter. | 4.3 |
| 2019-09-30 | CVE-2019-4115 | Cross-site Scripting vulnerability in IBM Websphere Extreme Scale IBM WebSphere eXtreme Scale 8.6 Admin API is vulnerable to cross-site scripting. | 5.4 |
| 2019-09-30 | CVE-2019-4106 | Cross-site Scripting vulnerability in IBM Websphere Extreme Scale IBM WebSphere eXtreme Scale 8.6 Admin Console is vulnerable to cross-site scripting. | 4.8 |
| 2019-09-30 | CVE-2019-16684 | Cross-site Scripting vulnerability in Xoops 2.5.10 An issue was discovered in the image-manager in Xoops 2.5.10. | 3.5 |
| 2019-09-30 | CVE-2019-16683 | Cross-site Scripting vulnerability in Xoops 2.5.10 An issue was discovered in the image-manager in Xoops 2.5.10. | 3.5 |
| 2019-09-30 | CVE-2019-17045 | Cross-site Scripting vulnerability in Ilch CMS 2.1.22 Ilch 2.1.22 allows stored XSS via the title, text, or email id to the Jobs Tab. | 3.5 |
| 2019-09-30 | CVE-2019-16414 | Cross-site Scripting vulnerability in GFI Kerio Control 9.3.0 A DOM based XSS in GFI Kerio Control v9.3.0 allows embedding of malicious code and manipulating the login page to send back a victim's cleartext credentials to an attacker via a login/?reason=failure&NTLM= URI. | 4.3 |