Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-09 | CVE-2018-20071 | Cross-site Scripting vulnerability in Google Chrome Insufficiently strict origin checks during JIT payment app installation in Payments in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to install a service worker for a domain that can host attacker controled files via a crafted HTML page. | 6.1 |
| 2019-01-09 | CVE-2018-16084 | Cross-site Scripting vulnerability in multiple products The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed a remote attacker who convinced the user to perform certain operations to open external programs via a crafted HTML page. | 6.1 |
| 2019-01-09 | CVE-2018-20680 | Cross-site Scripting vulnerability in Frog CMS Project Frog CMS 0.9.5 Frog CMS 0.9.5 has XSS in the admin/?/page/edit/1 body field. | 4.8 |
| 2019-01-09 | CVE-2018-20677 | Cross-site Scripting vulnerability in Getbootstrap Bootstrap In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property. | 6.1 |
| 2019-01-09 | CVE-2018-20676 | Cross-site Scripting vulnerability in Getbootstrap Bootstrap In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute. | 6.1 |
| 2019-01-09 | CVE-2016-10735 | Cross-site Scripting vulnerability in Getbootstrap Bootstrap In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041. | 6.1 |
| 2019-01-08 | CVE-2019-0558 | Cross-site Scripting vulnerability in Microsoft Business Productivity Servers and Sharepoint Server A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint, Microsoft Business Productivity Servers. | 5.4 |
| 2019-01-08 | CVE-2019-0557 | Cross-site Scripting vulnerability in Microsoft Sharepoint Server 2016 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. | 5.4 |
| 2019-01-08 | CVE-2019-0556 | Cross-site Scripting vulnerability in Microsoft Sharepoint Server 2013 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. | 5.4 |
| 2019-01-08 | CVE-2019-0245 | Cross-site Scripting vulnerability in SAP products SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | 5.4 |