Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-21 | CVE-2019-16661 | Cross-site Scripting vulnerability in Digimute Ogma CMS 0.5 Ogma CMS 0.5 has XSS via creation of a new blog. | 3.5 |
| 2019-09-21 | CVE-2019-16657 | Cross-site Scripting vulnerability in Tuzicms 2.0.6 TuziCMS 2.0.6 has XSS via the PATH_INFO to a group URI, as demonstrated by index.php/article/group/id/2/. | 4.3 |
| 2019-09-20 | CVE-2018-11200 | Cross-site Scripting vulnerability in Acquia Mautic 2.13.1 An issue was discovered in Mautic 2.13.1. | 4.3 |
| 2019-09-20 | CVE-2019-16643 | Cross-site Scripting vulnerability in Zrlog 2.0.1 An issue was discovered in ZrLog 2.1.1. | 3.5 |
| 2019-09-20 | CVE-2019-16534 | Cross-site Scripting vulnerability in Draytek Vigor2925 Firmware 3.8.4.3 On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. | 4.3 |
| 2019-09-20 | CVE-2019-16533 | Cross-site Scripting vulnerability in Draytek Vigor2925 Firmware 3.8.4.3 On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS. | 4.3 |
| 2019-09-20 | CVE-2015-9407 | Cross-site Scripting vulnerability in Cyberseo Xpinner Lite 2.2 The xpinner-lite plugin through 2.2 for WordPress has xpinner-lite.php XSS. | 4.3 |
| 2019-09-20 | CVE-2015-9405 | Cross-site Scripting vulnerability in Wp-Piwik Project Wp-Piwik The wp-piwik plugin before 1.0.5 for WordPress has XSS. | 4.3 |
| 2019-09-20 | CVE-2015-9404 | Cross-site Scripting vulnerability in Neuvoo Neuvoo-Jobroll 2.0 The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_keywords XSS. | 4.3 |
| 2019-09-20 | CVE-2015-9403 | Cross-site Scripting vulnerability in Neuvoo Neuvoo-Jobroll 2.0 The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_location XSS. | 4.3 |