Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-30 | CVE-2019-14752 | Cross-site Scripting vulnerability in Salesagility Suitecrm SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS. | 4.3 |
| 2019-09-28 | CVE-2019-16935 | Cross-site Scripting vulnerability in multiple products The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. | 6.1 |
| 2019-09-28 | CVE-2019-16926 | Cross-site Scripting vulnerability in Flower Project Flower 1.0.0 Flower 0.9.3 has XSS via a crafted worker name. | 6.1 |
| 2019-09-28 | CVE-2019-16925 | Cross-site Scripting vulnerability in Flower Project Flower 1.0.0 Flower 0.9.3 has XSS via the name parameter in an @app.task call. | 6.1 |
| 2019-09-27 | CVE-2019-3747 | Cross-site Scripting vulnerability in Dell EMC Integrated Data Protection Appliance Firmware 2.0/2.1/2.2 Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a stored cross-site scripting vulnerability. | 3.5 |
| 2019-09-27 | CVE-2019-16688 | Cross-site Scripting vulnerability in Dolibarr Erp/Crm 9.0.5 Dolibarr 9.0.5 has stored XSS in an Email Template section to mails_templates.php. | 5.4 |
| 2019-09-27 | CVE-2019-16687 | Cross-site Scripting vulnerability in Dolibarr Erp/Crm 9.0.5 Dolibarr 9.0.5 has stored XSS in a User Profile in a Signature section to card.php. | 5.4 |
| 2019-09-27 | CVE-2019-16686 | Cross-site Scripting vulnerability in Dolibarr Erp/Crm 9.0.5 Dolibarr 9.0.5 has stored XSS in a User Note section to note.php. | 5.4 |
| 2019-09-27 | CVE-2019-16685 | Cross-site Scripting vulnerability in Dolibarr Erp/Crm 9.0.5 Dolibarr 9.0.5 has stored XSS vulnerability via a User Group Description section to card.php. | 5.4 |
| 2019-09-27 | CVE-2019-11744 | Cross-site Scripting vulnerability in Mozilla Firefox Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. | 4.3 |