Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-26 | CVE-2015-9411 | Cross-site Scripting vulnerability in Gopostmatic Replyable 1.4.5 The Postmatic plugin before 1.4.6 for WordPress has XSS. | 4.3 |
| 2019-09-26 | CVE-2015-9410 | Cross-site Scripting vulnerability in Blubrry Powerpress 6.0.4 The Blubrry PowerPress Podcasting plugin 6.0.4 for WordPress has XSS via the tab parameter. | 5.4 |
| 2019-09-25 | CVE-2017-18635 | Cross-site Scripting vulnerability in multiple products An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name. | 4.3 |
| 2019-09-25 | CVE-2019-16890 | Cross-site Scripting vulnerability in Halo 1.1.0 Halo 1.1.0 has XSS via a crafted authorUrl in JSON data to api/content/posts/comments. | 3.5 |
| 2019-09-25 | CVE-2019-12668 | Cross-site Scripting vulnerability in Cisco IOS and IOS XE A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. | 3.5 |
| 2019-09-25 | CVE-2019-12667 | Cross-site Scripting vulnerability in Cisco IOS XE A vulnerability in the web framework code of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software. | 3.5 |
| 2019-09-25 | CVE-2019-4571 | Cross-site Scripting vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. | 5.4 |
| 2019-09-25 | CVE-2019-12205 | Cross-site Scripting vulnerability in Silverstripe SilverStripe through 4.3.3 has Flash Clipboard Reflected XSS. | 4.3 |
| 2019-09-25 | CVE-2019-6653 | Cross-site Scripting vulnerability in F5 Big-Iq Centralized Management There is a Stored Cross Site Scripting vulnerability in the undisclosed page of a BIG-IQ 6.0.0-6.1.0 or 5.2.0-5.4.0 system. | 5.4 |
| 2019-09-25 | CVE-2019-10410 | Cross-site Scripting vulnerability in Jenkins LOG Parser Jenkins Log Parser Plugin 2.0 and earlier did not escape an error message, resulting in a cross-site scripting vulnerability exploitable by users able to define log parsing rules. | 5.4 |