Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-14 | CVE-2018-15712 | Cross-site Scripting vulnerability in Nagios XI 5.5.6 Nagios XI 5.5.6 allows reflected cross site scripting from remote unauthenticated attackers via the host parameter in api_tool.php. | 6.1 |
| 2018-11-14 | CVE-2018-6081 | Cross-site Scripting vulnerability in multiple products XSS vulnerabilities in Interstitials in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension or open Developer Console to inject arbitrary scripts or HTML via a crafted HTML page. | 6.1 |
| 2018-11-14 | CVE-2018-6076 | Cross-site Scripting vulnerability in multiple products Insufficient encoding of URL fragment identifiers in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform a DOM based XSS attack via a crafted HTML page. | 6.1 |
| 2018-11-14 | CVE-2018-6070 | Cross-site Scripting vulnerability in multiple products Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. | 6.1 |
| 2018-11-14 | CVE-2018-3699 | Cross-site Scripting vulnerability in Intel Raid web Console 3 Cross-site scripting in the Intel RAID Web Console v3 for Windows may allow an unauthenticated user to elevate privilege via remote access. | 6.1 |
| 2018-11-14 | CVE-2018-19190 | Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426 The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the error.php error_msg parameter. | 6.1 |
| 2018-11-14 | CVE-2018-19189 | Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426 The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in an error.php echo statement. | 6.1 |
| 2018-11-14 | CVE-2018-19188 | Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426 The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the success.php fort_id parameter. | 6.1 |
| 2018-11-14 | CVE-2018-19187 | Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426 The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in a success.php echo statement. | 6.1 |
| 2018-11-14 | CVE-2018-19186 | Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426 The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the route.php paymentMethod parameter. | 6.1 |