Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-28 | CVE-2019-6992 | Cross-site Scripting vulnerability in Zoneminder A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a long NAME or PROTOCOL to the index.php?view=controlcaps URI. | 4.3 |
| 2019-01-28 | CVE-2019-6990 | Cross-site Scripting vulnerability in Zoneminder A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to the index.php?view=zones&action=zoneImage&mid=1 URI. | 3.5 |
| 2019-01-28 | CVE-2018-19727 | Cross-site Scripting vulnerability in Adobe Experience Manager 6.3.0/6.4.0 Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. | 4.3 |
| 2019-01-28 | CVE-2018-19726 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. | 4.3 |
| 2019-01-28 | CVE-2018-19724 | Cross-site Scripting vulnerability in Adobe Experience Manager 6.2.0/6.3.0/6.4.0 Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. | 4.3 |
| 2019-01-28 | CVE-2019-6979 | Cross-site Scripting vulnerability in IP History Logs Project IP History Logs 1.0.2 An issue was discovered in the User IP History Logs (aka IP_History_Logs) plugin 1.0.2 for MyBB. | 4.3 |
| 2019-01-25 | CVE-2019-6804 | Cross-site Scripting vulnerability in Pagerduty Rundeck An XSS issue was discovered on the Job Edit page in Rundeck Community Edition before 3.0.13, related to assets/javascripts/workflowStepEditorKO.js and views/execution/_wfitemEdit.gsp. | 4.3 |
| 2019-01-25 | CVE-2019-6803 | Cross-site Scripting vulnerability in Typora typora through 0.9.9.20.3 beta has XSS, with resultant remote command execution, via the left outline bar. | 4.3 |
| 2019-01-24 | CVE-2019-1668 | Cross-site Scripting vulnerability in Cisco Socialminer 11.6(1)/11.6(2)/12.0(1) A vulnerability in the chat feed feature of Cisco SocialMiner could allow an unauthenticated, remote attacker to perform cross-site scripting (XSS) attacks against a user of the web-based user interface of an affected system. | 6.1 |
| 2019-01-24 | CVE-2019-1655 | Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.8 A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. | 4.3 |