Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-23 | CVE-2019-9066 | Cross-site Scripting vulnerability in PHP Appointment Booking Script Project PHP Appointment Booking Script 3.0.3 PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML injection in a user profile. | 3.5 |
| 2019-02-23 | CVE-2014-10078 | Cross-site Scripting vulnerability in Vembu Storegrid 4.4 Vembu StoreGrid 4.4.x has XSS in interface/registercustomer/onlineregsuccess.php, interface/registerreseller/onlineregfailure.php, interface/registerclient/onlineregfailure.php, and interface/registercustomer/onlineregfailure.php. | 4.3 |
| 2019-02-23 | CVE-2018-18692 | Cross-site Scripting vulnerability in Semcosoft 5.3 A reflected Cross-Site scripting (XSS) vulnerability in SEMCO Semcosoft 5.3 allows remote attackers to inject arbitrary web scripts or HTML via the username parameter to the Login Form. | 4.3 |
| 2019-02-22 | CVE-2019-9016 | Cross-site Scripting vulnerability in Mopcms 20181130 An XSS vulnerability was discovered in MOPCMS through 2018-11-30. | 4.3 |
| 2019-02-21 | CVE-2019-1685 | Cross-site Scripting vulnerability in Cisco Unity Connection 12.5 A vulnerability in the Security Assertion Markup Language (SAML) single sign-on (SSO) interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
| 2019-02-21 | CVE-2019-1665 | Cross-site Scripting vulnerability in Cisco Hyperflex HX Data Platform A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 4.3 |
| 2019-02-21 | CVE-2018-1947 | Cross-site Scripting vulnerability in IBM Security Identity Governance and Intelligence 5.2.2.1 IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance is vulnerable to cross-site scripting. | 4.3 |
| 2019-02-21 | CVE-2019-8984 | Cross-site Scripting vulnerability in Altn Mdaemon MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 2 of 2). | 4.3 |
| 2019-02-21 | CVE-2019-8983 | Cross-site Scripting vulnerability in Altn Mdaemon MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 1 of 2). | 4.3 |
| 2019-02-21 | CVE-2019-5727 | Cross-site Scripting vulnerability in Splunk Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, 6.3.x before 6.3.12, 6.2.x before 6.2.14, 6.1.x before 6.1.14, and 6.0.x before 6.0.15 and Splunk Light before 6.6.0 has Persistent XSS, aka SPL-138827. | 3.5 |