Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-05 | CVE-2019-9570 | Cross-site Scripting vulnerability in Yzmcms 5.2.0 An issue was discovered in YzmCMS 5.2.0. | 3.5 |
2019-03-04 | CVE-2017-15515 | Cross-site Scripting vulnerability in Netapp Snapcenter Server NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field. | 3.5 |
2019-03-04 | CVE-2019-9567 | Cross-site Scripting vulnerability in Incsub Forminator The "Forminator Contact Form, Poll & Quiz Builder" plugin before 1.6 for WordPress has XSS via a custom input field of a poll. | 6.1 |
2019-03-04 | CVE-2019-9551 | Cross-site Scripting vulnerability in Wdoyo Doyocms 2.3 An issue was discovered in DOYO (aka doyocms) 2.3 through 2015-05-06. | 3.5 |
2019-03-03 | CVE-2019-9550 | Cross-site Scripting vulnerability in Dhcms Project Dhcms 20170918 DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS. | 3.5 |
2019-03-02 | CVE-2019-8279 | Cross-site Scripting vulnerability in Vanillaforums Vanilla Forums Multiple stored XSS in Vanilla Forums before 2.5 allow remote attackers to inject arbitrary JavaScript code into any message on forum. | 3.5 |
2019-03-02 | CVE-2019-8278 | Cross-site Scripting vulnerability in Invisioncommunity Invision Power Board 3.4.7/3.4.8 Stored XSS in Invision Power Board versions 3.3.1 - 3.4.8 leads to Remote Code Execution. | 4.3 |
2019-02-28 | CVE-2019-9226 | Cross-site Scripting vulnerability in Baigo CMS 2.1.1 An issue was discovered in baigo CMS 2.1.1. | 4.3 |
2019-02-27 | CVE-2018-20244 | Cross-site Scripting vulnerability in Apache Airflow In Apache Airflow before 1.10.2, a malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. | 5.5 |
2019-02-27 | CVE-2019-8410 | Cross-site Scripting vulnerability in Maccms Maccms 8.0 allows XSS via the inc/config/cache.php t_key parameter because template/paody/html/vod_type.html mishandles the keywords parameter, and a/tpl/module/db.php only filters the t_name parameter (not t_key). | 4.3 |