Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-13	CVE-2017-18613	Cross-site Scripting vulnerability in Trust Form Project Trust Form 2.0 The trust-form plugin 2.0 for WordPress has XSS via the wp-admin/admin.php?page=trust-form-edit page parameter. network trust-form-project CWE-79	4.3
2019-09-13	CVE-2017-18612	Cross-site Scripting vulnerability in Netattingo Wp-Whois-Domain 1.0.0 The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/func-whois.php domain parameter. network netattingo CWE-79	4.3
2019-09-13	CVE-2016-10941	Cross-site Scripting vulnerability in Podlove Podcast Publisher The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has XSS exploitable via CSRF. network podlove CWE-79	4.3
2019-09-12	CVE-2019-6003	Cross-site Scripting vulnerability in Ec-Cube Amazon PAY 2.12/2.13/2.4.2 Cross-site scripting vulnerability in EC-CUBE plugin 'Amazon Pay Plugin 2.12,2.13' version 2.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network ec-cube CWE-79	4.3
2019-09-12	CVE-2019-5985	Cross-site Scripting vulnerability in multiple products Cross-site scripting vulnerability in Hikari Denwa router/Home GateWay (Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. network ntt-east ntt-west CWE-79	4.3
2019-09-12	CVE-2019-5975	Cross-site Scripting vulnerability in Cybozu Garoon DOM-based cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. network cybozu CWE-79	3.5
2019-09-12	CVE-2019-3638	Cross-site Scripting vulnerability in Mcafee web Gateway Reflected Cross Site Scripting vulnerability in Administrators web console in McAfee Web Gateway (MWG) 7.8.x prior to 7.8.2.13 allows remote attackers to collect sensitive information or execute commands with the MWG administrator's credentials via tricking the administrator to click on a carefully constructed malicious link. network low complexity mcafee CWE-79 critical	9.6
2019-09-12	CVE-2019-16238	Cross-site Scripting vulnerability in Afterlogic Aurora 8.3.9 Afterlogic Aurora through 8.3.9-build-a3 has XSS that can be leveraged for session hijacking by retrieving the session cookie from the administrator login. network afterlogic CWE-79	4.3
2019-09-12	CVE-2019-10396	Cross-site Scripting vulnerability in Jenkins Dashboard View Jenkins Dashboard View Plugin 2.11 and earlier did not escape build descriptions, resulting in a cross-site scripting vulnerability exploitable by users able to change build descriptions. network low complexity jenkins CWE-79	5.4
2019-09-12	CVE-2019-10395	Cross-site Scripting vulnerability in Jenkins Build Environment Jenkins Build Environment Plugin 1.6 and earlier did not escape variables shown on its views, resulting in a cross-site scripting vulnerability in Jenkins 2.145, 2.138.1, or older, exploitable by users able to change various job/build properties. network low complexity jenkins CWE-79	5.4