Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-27	CVE-2019-11741	Cross-site Scripting vulnerability in Mozilla Firefox A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. network mozilla CWE-79	4.3
2019-09-27	CVE-2019-16923	Cross-site Scripting vulnerability in Kkcms Project Kkcms 1.3 kkcms 1.3 has jx.php?url= XSS. network kkcms-project CWE-79	4.3
2019-09-26	CVE-2019-12562	Cross-site Scripting vulnerability in Dnnsoftware Dotnetnuke Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 allows remote attackers to store and embed the malicious script into the admin notification page. network dnnsoftware CWE-79	4.3
2019-09-26	CVE-2019-16914	Cross-site Scripting vulnerability in Netgate Pfsense An XSS issue was discovered in pfSense through 2.4.4-p3. network netgate CWE-79	4.3
2019-09-26	CVE-2019-16524	Cross-site Scripting vulnerability in Status301 Easy Fancybox The easy-fancybox plugin before 1.8.18 for WordPress (aka Easy FancyBox) is susceptible to Stored XSS in the Settings Menu inc/class-easyfancybox.php due to improper encoding of arbitrarily submitted settings parameters. network status301 CWE-79	3.5
2019-09-26	CVE-2019-10092	Cross-site Scripting vulnerability in multiple products In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. network low complexity apache opensuse debian redhat fedoraproject canonical netapp oracle CWE-79	6.1
2019-09-26	CVE-2019-16904	Cross-site Scripting vulnerability in Teampass 2.1.27.36 TeamPass 2.1.27.36 allows Stored XSS by setting a crafted password for an item in a common available folder or sharing the item with an admin. network teampass CWE-79	3.5
2019-09-26	CVE-2019-14272	Cross-site Scripting vulnerability in Silverstripe In SilverStripe asset-admin 4.0, there is XSS in file titles managed through the CMS. network silverstripe CWE-79	3.5
2019-09-26	CVE-2015-9444	Cross-site Scripting vulnerability in Altosresearch Altos-Connect 1.3.0 The altos-connect plugin 1.3.0 for WordPress has XSS via the wp-content/plugins/altos-connect/jquery-validate/demo/demo/captcha/index.php/ PATH_SELF. network altosresearch CWE-79	4.3
2019-09-26	CVE-2015-9439	Cross-site Scripting vulnerability in Addthis The addthis plugin before 5.0.13 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=addthis_social_widget pubid parameter. network addthis CWE-79	3.5