Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2019-01-16 CVE-2015-9276 Cross-site Scripting vulnerability in Smartertools Smartermail
SmarterTools SmarterMail before 13.3.5535 was vulnerable to stored XSS by bypassing the anti-XSS mechanisms.
network
low complexity
smartertools CWE-79
6.1
6.1
2019-01-16 CVE-2019-6264 Cross-site Scripting vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.2.
network
low complexity
joomla CWE-79
6.1
6.1
2019-01-16 CVE-2019-6263 Cross-site Scripting vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.2.
network
low complexity
joomla CWE-79
4.8
4.8
2019-01-16 CVE-2019-6262 Cross-site Scripting vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.2.
network
low complexity
joomla CWE-79
5.4
5.4
2019-01-16 CVE-2019-6261 Cross-site Scripting vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.2.
network
low complexity
joomla CWE-79
6.1
6.1
2019-01-16 CVE-2016-10737 Cross-site Scripting vulnerability in S9Y Serendipity 2.0.4
Serendipity 2.0.4 has XSS via the serendipity_admin.php serendipity[body] parameter.
network
low complexity
s9y CWE-79
5.4
5.4
2019-01-15 CVE-2018-7603 Cross-site Scripting vulnerability in Search Autocomplete Project Search Autocomplete
In Drupal's 3rd party module search auto complete prior to versions 7.x-4.8 there is a Cross Site Scripting vulnerability.
network
low complexity
search-autocomplete-project CWE-79
6.1
6.1
2019-01-15 CVE-2019-0027 Cross-site Scripting vulnerability in Juniper Advanced Threat Prevention
A persistent cross-site scripting (XSS) vulnerability in the Snort Rules configuration of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device.
network
low complexity
juniper CWE-79
5.4
5.4
2019-01-15 CVE-2019-0026 Cross-site Scripting vulnerability in Juniper Advanced Threat Prevention
A persistent cross-site scripting (XSS) vulnerability in the Zone configuration of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device.
network
low complexity
juniper CWE-79
5.4
5.4
2019-01-15 CVE-2019-0025 Cross-site Scripting vulnerability in Juniper Advanced Threat Prevention
A persistent cross-site scripting (XSS) vulnerability in RADIUS configuration menu of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device.
network
low complexity
juniper CWE-79
5.4
5.4