Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-15 | CVE-2018-0679 | Cross-site Scripting vulnerability in FXC products Cross-site scripting vulnerability in multiple FXC Inc. | 4.8 |
| 2018-11-15 | CVE-2018-12480 | Cross-site Scripting vulnerability in Microfocus Access Manager Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3. | 6.1 |
| 2018-11-15 | CVE-2018-19289 | Cross-site Scripting vulnerability in Valine.Js Valine 1.3.3 An issue was discovered in Valine v1.3.3. | 6.1 |
| 2018-11-15 | CVE-2018-19288 | Cross-site Scripting vulnerability in Zohocorp Manageengine Opmanager 11.4/11.5/12.3 Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API. | 6.1 |
| 2018-11-15 | CVE-2018-19287 | Cross-site Scripting vulnerability in Ninjaforma Ninja Forms XSS in the Ninja Forms plugin before 3.3.18 for WordPress allows Remote Attackers to execute JavaScript via the includes/Admin/Menus/Submissions.php (aka submissions page) begin_date, end_date, or form_id parameter. | 6.1 |
| 2018-11-15 | CVE-2018-19286 | Cross-site Scripting vulnerability in Mubu Curtain 20181111 The server in mubu note 2018-11-11 has XSS by configuring an account with a crafted name value (along with an arbitrary username value), and then creating and sharing a note. | 6.1 |
| 2018-11-14 | CVE-2018-19280 | Cross-site Scripting vulnerability in Centreon 3.4.0/3.4.1/3.4.6 Centreon 3.4.x (fixed in Centreon 18.10.0) has XSS via the resource name or macro expression of a poller macro. | 6.1 |
| 2018-11-14 | CVE-2018-17960 | Cross-site Scripting vulnerability in Ckeditor CKEditor 4.x before 4.11.0 allows user-assisted XSS involving a source-mode paste. | 6.1 |
| 2018-11-14 | CVE-2018-15714 | Cross-site Scripting vulnerability in Nagios XI 5.5.6 Nagios XI 5.5.6 allows reflected cross site scripting from remote unauthenticated attackers via the oname and oname2 parameters. | 6.1 |
| 2018-11-14 | CVE-2018-15713 | Cross-site Scripting vulnerability in Nagios XI 5.5.6 Nagios XI 5.5.6 allows persistent cross site scripting from remote authenticated attackers via the stored email address in admin/users.php. | 5.4 |