Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-14 | CVE-2018-8608 | Cross-site Scripting vulnerability in Microsoft Dynamics 365 8.0/8.2 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability." This affects Microsoft Dynamics 365. | 5.4 |
| 2018-11-14 | CVE-2018-8607 | Cross-site Scripting vulnerability in Microsoft Dynamics 365 8.0/8.2 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability." This affects Microsoft Dynamics 365. | 5.4 |
| 2018-11-14 | CVE-2018-8606 | Cross-site Scripting vulnerability in Microsoft Dynamics 365 8.0/8.2 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability." This affects Microsoft Dynamics 365. | 5.4 |
| 2018-11-14 | CVE-2018-8605 | Cross-site Scripting vulnerability in Microsoft Dynamics 365 8.0/8.2 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability." This affects Microsoft Dynamics 365. | 5.4 |
| 2018-11-14 | CVE-2018-8602 | Cross-site Scripting vulnerability in Microsoft Team Foundation Server 2017/2018 A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This affects Team. | 5.4 |
| 2018-11-14 | CVE-2018-8600 | Cross-site Scripting vulnerability in Microsoft Azure APP Service on Azure Stack A Cross-site Scripting (XSS) vulnerability exists when Azure App Services on Azure Stack does not properly sanitize user provided input, aka "Azure App Service Cross-site Scripting Vulnerability." This affects Azure App. | 6.1 |
| 2018-11-14 | CVE-2018-8572 | Cross-site Scripting vulnerability in Microsoft products An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. | 5.4 |
| 2018-11-14 | CVE-2018-8568 | Cross-site Scripting vulnerability in Microsoft products An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. | 5.4 |
| 2018-11-14 | CVE-2018-8547 | Cross-site Scripting vulnerability in Microsoft products A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Active Directory Federation Services XSS Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. | 5.4 |
| 2018-11-13 | CVE-2018-16471 | Cross-site Scripting vulnerability in multiple products There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. | 6.1 |