Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-16	CVE-2019-8363	Cross-site Scripting vulnerability in Verydows 2.0 Verydows 2.0 has XSS via the index.php?c=main a parameter, as demonstrated by an a=index[XSS] value. network low complexity verydows CWE-79	6.1
2019-02-16	CVE-2019-8361	Cross-site Scripting vulnerability in Responsive Video News Script Project Responsive Video News Script PHP Scripts Mall Responsive Video News Script has XSS via the Search Bar. network low complexity responsive-video-news-script-project CWE-79	6.1
2019-02-15	CVE-2018-1895	Cross-site Scripting vulnerability in IBM products IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2019-02-15	CVE-2019-0262	Cross-site Scripting vulnerability in SAP Businessobjects BI Platform 4.10/4.20 SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not sufficiently encode user-controlled inputs in generated HTML reports, resulting in Cross-Site Scripting (XSS) vulnerability. network low complexity sap CWE-79	5.4
2019-02-15	CVE-2019-0254	Cross-site Scripting vulnerability in SAP Disclosure Management SAP Disclosure Management (before version 10.1 Stack 1301) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. network low complexity sap CWE-79	5.4
2019-02-15	CVE-2019-0251	Cross-site Scripting vulnerability in SAP Businessobjects 4.2/4.3 The Fiori Launchpad of SAP BusinessObjects, before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. network low complexity sap CWE-79	6.1
2019-02-14	CVE-2019-6589	Cross-site Scripting vulnerability in F5 products On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, and 11.6.0-11.6.3.2, a reflected Cross Site Scripting (XSS) vulnerability is present in an undisclosed page of the BIG-IP TMUI (Traffic Management User Interface) also known as the BIG-IP configuration utility. network low complexity f5 CWE-79	6.1
2019-02-13	CVE-2018-20232	Cross-site Scripting vulnerability in Atlassian Jira The labels widget gadget in Atlassian Jira before version 7.6.11 and from version 7.7.0 before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the rendering of retrieved content from a url location that could be manipulated by the up_projectid widget preference setting. network low complexity atlassian CWE-79	5.4
2019-02-13	CVE-2018-13403	Cross-site Scripting vulnerability in Atlassian Jira The two-dimensional filter statistics gadget in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.12.4, and from version 7.13.0 before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a saved filter when displayed on a Jira dashboard. network low complexity atlassian CWE-79	5.4
2019-02-13	CVE-2018-12409	Cross-site Scripting vulnerability in Tibco Silver Fabric The SOAP Admin API component of TIBCO Software Inc.'s TIBCO Silver Fabric contains a vulnerability that may allow reflected cross-site scripting (XSS) attacks. network low complexity tibco CWE-79	6.1