Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-11 | CVE-2018-20778 | Cross-site Scripting vulnerability in Frog CMS Project Frog CMS 0.9.5 admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a new file containing a crafted attribute of an IMG element. | 6.1 |
| 2019-02-11 | CVE-2018-20777 | Cross-site Scripting vulnerability in Frog CMS Project Frog CMS 0.9.5 Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit/1 Body field. | 5.4 |
| 2019-02-11 | CVE-2018-20774 | Cross-site Scripting vulnerability in Frog CMS Project Frog CMS 0.9.5 Frog CMS 0.9.5 has XSS via the admin/?/layout/edit/1 Body field. | 5.4 |
| 2019-02-10 | CVE-2019-7693 | Cross-site Scripting vulnerability in Axiositalia Registro Elettronico 1.7.0/7.0.0 Axios Italia Axios RE 1.7.0/7.0.0 devices have XSS via the RELogOff.aspx Error_Parameters parameter. | 6.1 |
| 2019-02-09 | CVE-2019-7677 | Cross-site Scripting vulnerability in Enphase Envoy XSS exists in Enphase Envoy R3.*.* via the profileName parameter to the /home URI on TCP port 8888. | 6.1 |
| 2019-02-08 | CVE-2019-1673 | Cross-site Scripting vulnerability in Cisco Identity Services Engine 2.5(0.353) A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. | 5.4 |
| 2019-02-07 | CVE-2019-1671 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 6.1 |
| 2019-02-07 | CVE-2019-1670 | Cross-site Scripting vulnerability in Cisco Unified Intelligence Center 9.5(1) A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 6.1 |
| 2019-02-07 | CVE-2019-1661 | Cross-site Scripting vulnerability in Cisco Telepresence Management Suite 15.0 A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2019-02-07 | CVE-2019-1677 | Cross-site Scripting vulnerability in Cisco Webex Meetings A vulnerability in Cisco Webex Meetings for Android could allow an unauthenticated, local attacker to perform a cross-site scripting attack against the application. | 4.6 |