Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-10 | CVE-2017-1002152 | Cross-site Scripting vulnerability in Redhat Bodhi Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting in code injection caused by incorrect validation of bug titles. | 6.1 |
| 2019-01-10 | CVE-2018-15457 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.5 A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 6.1 |
| 2019-01-10 | CVE-2018-0483 | Cross-site Scripting vulnerability in Cisco Jabber 10.0(0) A vulnerability in Cisco Jabber Client Framework (JCF) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. | 5.4 |
| 2019-01-10 | CVE-2018-0482 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.5(0.0) A vulnerability in the web-based management interface of Cisco Prime Network Control System could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected system. | 5.4 |
| 2019-01-09 | CVE-2018-20682 | Cross-site Scripting vulnerability in Fork-Cms Fork CMS 5.0.6 Fork CMS 5.0.6 allows stored XSS via the private/en/settings facebook_admin_ids parameter (aka "Admin ids" input in the Facebook section). | 5.4 |
| 2019-01-09 | CVE-2018-16205 | Cross-site Scripting vulnerability in Weseek Growi Cross-site scripting vulnerability in GROWI v3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via New Page modal. | 5.4 |
| 2019-01-09 | CVE-2018-16204 | Cross-site Scripting vulnerability in Google XML Sitemaps Project Google XML Sitemaps Cross-site scripting vulnerability in Google XML Sitemaps Version 4.0.9 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.8 |
| 2019-01-09 | CVE-2018-16199 | Cross-site Scripting vulnerability in Toshiba Hem-Gw16A Firmware and Hem-Gw26A Firmware Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an remote attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2019-01-09 | CVE-2018-16193 | Cross-site Scripting vulnerability in NEC Aterm Wf1200Cr Firmware and Aterm Wg1200Cr Firmware Cross-site scripting vulnerability in Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
| 2019-01-09 | CVE-2018-16180 | Cross-site Scripting vulnerability in DAJ I-Filter 9.50R05 Cross-site scripting vulnerability in i-FILTER Ver.9.50R05 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |