Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-01 | CVE-2018-16481 | Cross-site Scripting vulnerability in Html-Pages Project Html-Pages A XSS vulnerability was found in html-page <=2.1.1 that allows malicious Javascript code to be executed in the user's browser due to the absence of sanitization of the paths before rendering. | 6.1 |
| 2019-02-01 | CVE-2018-16480 | Cross-site Scripting vulnerability in Public Project Public A XSS vulnerability was found in module public <0.1.4 that allows malicious Javascript code to run in the browser, due to the absence of sanitization of the file/folder names before rendering. | 6.1 |
| 2019-01-31 | CVE-2019-7296 | Cross-site Scripting vulnerability in Typora typora through 0.9.64 has XSS, with resultant remote command execution, during inline rendering of a mathematical formula. | 6.1 |
| 2019-01-31 | CVE-2019-7295 | Cross-site Scripting vulnerability in Typora typora through 0.9.63 has XSS, with resultant remote command execution, during block rendering of a mathematical formula. | 6.1 |
| 2019-01-31 | CVE-2018-19041 | Cross-site Scripting vulnerability in Media File Manager Project Media File Manager 1.4.2 The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI. | 6.1 |
| 2019-01-31 | CVE-2018-18940 | Cross-site Scripting vulnerability in Netscape Enterprise Server 3.63 servlet/SnoopServlet (a servlet installed by default) in Netscape Enterprise 3.63 has reflected XSS via an arbitrary parameter=[XSS] in the query string. | 6.1 |
| 2019-01-31 | CVE-2019-4040 | Cross-site Scripting vulnerability in IBM I 7.2/7.3 IBM I 7.2 and 7.3 is vulnerable to cross-site scripting. | 6.1 |
| 2019-01-31 | CVE-2019-7250 | Cross-site Scripting vulnerability in Cross Reference Project Cross Reference 36 An issue was discovered in the Cross Reference Add-on 36 for Google Docs. | 6.1 |
| 2019-01-30 | CVE-2019-3911 | Cross-site Scripting vulnerability in Labkey Server Reflected cross-site scripting (XSS) vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 allows an unauthenticated remote attacker to inject arbitrary javascript via the onerror parameter in the /__r2/query endpoints. | 6.1 |
| 2019-01-30 | CVE-2019-1566 | Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os The PAN-OS management web interface in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. | 6.1 |