Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-13 | CVE-2018-1667 | Cross-site Scripting vulnerability in IBM Datapower Gateway IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 is vulnerable to cross-site scripting. | 3.5 |
| 2018-12-13 | CVE-2018-16555 | Cross-site Scripting vulnerability in Siemens products A vulnerability has been identified in SCALANCE S602 (All versions < V4.0.1.1), SCALANCE S612 (All versions < V4.0.1.1), SCALANCE S623 (All versions < V4.0.1.1), SCALANCE S627-2M (All versions < V4.0.1.1). | 3.5 |
| 2018-12-13 | CVE-2018-1653 | Cross-site Scripting vulnerability in IBM Security Access Manager IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 is vulnerable to cross-site scripting. | 3.5 |
| 2018-12-12 | CVE-2018-20101 | Cross-site Scripting vulnerability in Codection Import Users From CSV With Meta 1.12.1 The codection "Import users from CSV with meta" plugin before 1.12.1 for WordPress allows XSS via the value of a cell. | 4.3 |
| 2018-12-12 | CVE-2018-8650 | Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2016 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. | 3.5 |
| 2018-12-12 | CVE-2018-17952 | Cross-site Scripting vulnerability in Microfocus Edirectory Cross site scripting vulnerability in eDirectory prior to 9.1 SP2 | 6.1 |
| 2018-12-12 | CVE-2018-17949 | Cross-site Scripting vulnerability in Microfocus Imanager Cross site scripting vulnerability in iManager prior to 3.1 SP2. | 6.1 |
| 2018-12-12 | CVE-2018-8652 | Cross-site Scripting vulnerability in Microsoft Windows Azure Pack Rollup 13.1 A Cross-site Scripting (XSS) vulnerability exists when Windows Azure Pack does not properly sanitize user-provided input, aka "Windows Azure Pack Cross Site Scripting Vulnerability." This affects Windows Azure Pack Rollup 13.1. | 3.5 |
| 2018-12-12 | CVE-2018-8651 | Cross-site Scripting vulnerability in Microsoft Dynamics NAV 2016/2017 A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server, aka "Microsoft Dynamics NAV Cross Site Scripting Vulnerability." This affects Microsoft Dynamics NAV. | 3.5 |
| 2018-12-11 | CVE-2018-2505 | Cross-site Scripting vulnerability in SAP Hybris SAP Commerce does not sufficiently validate user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability in storefronts that are based on the product. | 4.3 |