Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-31 | CVE-2018-6341 | Cross-site Scripting vulnerability in Facebook React React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. | 6.1 |
| 2018-12-31 | CVE-2018-19918 | Cross-site Scripting vulnerability in Cuppacms CuppaCMS has XSS via an SVG document uploaded to the administrator/#/component/table_manager/view/cu_views URI. | 5.4 |
| 2018-12-31 | CVE-2018-19906 | Cross-site Scripting vulnerability in Razorcms 3.4.8 Stored XSS exists in razorCMS 3.4.8 via the /#/page description parameter. | 5.4 |
| 2018-12-31 | CVE-2018-19905 | Cross-site Scripting vulnerability in Razorcms 3.4.8 HTML injection exists in razorCMS 3.4.8 via the /#/page keywords parameter. | 5.4 |
| 2018-12-31 | CVE-2018-19904 | Cross-site Scripting vulnerability in Xsltcms.Org Project Xsltcms.Org Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page "body" field. | 6.1 |
| 2018-12-31 | CVE-2018-19903 | Cross-site Scripting vulnerability in Xsltcms.Org Project Xsltcms.Org Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page title field. | 6.1 |
| 2018-12-31 | CVE-2018-19902 | Cross-site Scripting vulnerability in No-Cms Project No-Cms 1.1.3 No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "keyword" parameter. | 4.8 |
| 2018-12-31 | CVE-2018-19901 | Cross-site Scripting vulnerability in No-Cms Project No-Cms 1.1.3 No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/index/ "article_title" parameter. | 4.8 |
| 2018-12-31 | CVE-2018-19845 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.12 There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325. | 5.4 |
| 2018-12-31 | CVE-2018-19844 | Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319. | 4.8 |