Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-21 | CVE-2018-18845 | Cross-site Scripting vulnerability in Advanced Comment System Project Advanced Comment System 1.0 internal/advanced_comment_system/index.php and internal/advanced_comment_system/admin.php in Advanced Comment System, version 1.0, contain a reflected cross-site scripting vulnerability via ACS_path. | 4.3 |
| 2019-03-21 | CVE-2018-1836 | Cross-site Scripting vulnerability in IBM MQ IBM WebSphere MQ 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.1.0.0, and 9.1.0.1 console is vulnerable to cross-site scripting. | 3.5 |
| 2019-03-21 | CVE-2018-17997 | Cross-site Scripting vulnerability in Layerbb 1.1.1 LayerBB 1.1.1 allows XSS via the titles of conversations (PMs). | 4.3 |
| 2019-03-21 | CVE-2018-17167 | Cross-site Scripting vulnerability in Printeron 4.1.4 PrinterOn Enterprise 4.1.4 suffers from multiple authenticated stored XSS vulnerabilities via the (1) "Machine Host Name" or "Server Serial Number" field in the clustering configuration, (2) "name" field in the Edit Group configuration, (3) "Rule Name" field in the Access Control configuration, (4) "Service Name" in the Service Configuration, or (5) First Name or Last Name field in the Edit Account configuration. | 3.5 |
| 2019-03-21 | CVE-2018-16519 | Cross-site Scripting vulnerability in Coyoapp Coyo 10.0.11/12.0.4/9.0.8 COYO 9.0.8, 10.0.11 and 12.0.4 has cross-site scripting (XSS) via URLs used by "iFrame" widgets. | 4.3 |
| 2019-03-21 | CVE-2018-14724 | Cross-site Scripting vulnerability in Mybb BAN List 1.0 In the Ban List plugin 1.0 for MyBB, any forum user with mod privileges can ban users and input an XSS payload into the ban reason, which is executed on the bans.php page. | 3.5 |
| 2019-03-21 | CVE-2018-14486 | Cross-site Scripting vulnerability in Dnnsoftware Dotnetnuke 9.1.1 DNN (formerly DotNetNuke) 9.1.1 allows cross-site scripting (XSS) via XML. | 4.3 |
| 2019-03-21 | CVE-2018-13104 | Cross-site Scripting vulnerability in Open-Xchange Appsuite OX App Suite 7.8.4 and earlier allows XSS. | 3.5 |
| 2019-03-21 | CVE-2018-12638 | Cross-site Scripting vulnerability in Bose Soundtouch 18.1.4 An issue was discovered in the Bose Soundtouch app 18.1.4 for iOS. | 4.3 |
| 2019-03-21 | CVE-2018-10091 | Cross-site Scripting vulnerability in Audiocodes 420Hd IP Phone Firmware 2.2.12.126 AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow XSS. | 3.5 |