Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-14 | CVE-2019-14974 | Cross-site Scripting vulnerability in Sugarcrm 9.0.0 SugarCRM Enterprise 9.0.0 allows mobile/error-not-supported-platform.html?desktop_url= XSS. | 4.3 |
2019-08-14 | CVE-2016-10881 | Cross-site Scripting vulnerability in Google DOC Embedder Project Google DOC Embedder The google-document-embedder plugin before 2.6.2 for WordPress has XSS. | 4.3 |
2019-08-14 | CVE-2016-10880 | Cross-site Scripting vulnerability in Google DOC Embedder Project Google DOC Embedder The google-document-embedder plugin before 2.6.1 for WordPress has XSS. | 4.3 |
2019-08-14 | CVE-2015-9314 | Cross-site Scripting vulnerability in Newstatpress Project Newstatpress The newstatpress plugin before 1.0.4 for WordPress has XSS related to the Referer header. | 4.3 |
2019-08-14 | CVE-2015-9312 | Cross-site Scripting vulnerability in Newstatpress Project Newstatpress The newstatpress plugin before 1.0.5 for WordPress has XSS related to an IMG element. | 4.3 |
2019-08-14 | CVE-2015-9311 | Cross-site Scripting vulnerability in Newstatpress Project Newstatpress The newstatpress plugin before 1.0.6 for WordPress has reflected XSS. | 4.3 |
2019-08-14 | CVE-2019-0337 | Cross-site Scripting vulnerability in SAP Netweaver Process Integration Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs and allows an attacker to execute malicious scripts in the url thereby resulting in Reflected Cross-Site Scripting (XSS) vulnerability | 4.3 |
2019-08-14 | CVE-2019-0335 | Cross-site Scripting vulnerability in SAP Businessobjects Business Intelligence 4.1/4.2/4.3 Under certain conditions SAP BusinessObjects Business Intelligence Platform (Central Management Console), versions 4.1, 4.2, 4.3, allows an attacker to store a malicious payload within the description field of a user account. | 4.3 |
2019-08-14 | CVE-2019-0334 | Cross-site Scripting vulnerability in SAP Businessobjects Business Intelligence 4.1/4.2/4.3 When creating a module in SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.1, 4.2, 4.3, it is possible to store a malicious script which when executed later could potentially allow a user to escalate privileges via session hijacking. | 4.9 |
2019-08-14 | CVE-2019-0332 | Cross-site Scripting vulnerability in SAP Businessobjects Business Intelligence 4.1/4.2/4.3 SAP BusinessObjects Business Intelligence Platform (Info View), versions 4.1, 4.2, 4.3, allows an attacker to give some payload for keyword in the search and it will be executed while search performs its action, resulting in Cross-Site Scripting (XSS) vulnerability. | 4.3 |