Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2018-12-13 CVE-2018-20137 Cross-site Scripting vulnerability in Thedaylightstudio Fuel CMS 1.4.3
XSS exists in FUEL CMS 1.4.3 via the Page title, Meta description, or Meta keywords during page data management, as demonstrated by the pages/edit/1?lang=english URI.
network
low complexity
thedaylightstudio CWE-79
4.8
4.8
2018-12-13 CVE-2018-20136 Cross-site Scripting vulnerability in Thedaylightstudio Fuel CMS 1.4.3
XSS exists in FUEL CMS 1.4.3 via the Header or Body in the Layout Variables during new-page creation, as demonstrated by the pages/edit/1?lang=english URI.
network
low complexity
thedaylightstudio CWE-79
4.8
4.8
2018-12-13 CVE-2018-1817 Cross-site Scripting vulnerability in IBM Security Guardium
IBM Security Guardium 10 and 10.5 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2018-12-13 CVE-2018-1815 Cross-site Scripting vulnerability in IBM Security Access Manager
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 for Enterprise Single-Sign On is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2018-12-13 CVE-2018-1740 Cross-site Scripting vulnerability in IBM Security Access Manager
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2018-12-13 CVE-2018-1667 Cross-site Scripting vulnerability in IBM Datapower Gateway
IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2018-12-13 CVE-2018-16555 Cross-site Scripting vulnerability in Siemens products
A vulnerability has been identified in SCALANCE S602 (All versions < V4.0.1.1), SCALANCE S612 (All versions < V4.0.1.1), SCALANCE S623 (All versions < V4.0.1.1), SCALANCE S627-2M (All versions < V4.0.1.1).
network
low complexity
siemens CWE-79
5.4
5.4
2018-12-13 CVE-2018-1653 Cross-site Scripting vulnerability in IBM Security Access Manager
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2018-12-12 CVE-2018-20101 Cross-site Scripting vulnerability in Codection Import Users From CSV With Meta 1.12.1
The codection "Import users from CSV with meta" plugin before 1.12.1 for WordPress allows XSS via the value of a cell.
network
low complexity
codection CWE-79
6.1
6.1
2018-12-12 CVE-2018-8650 Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2016
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint.
network
low complexity
microsoft CWE-79
5.4
5.4