Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-12-05 | CVE-2018-19877 | Cross-site Scripting vulnerability in Adiscon Loganalyzer login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Login Button Referer field. | 4.3 |
2018-12-05 | CVE-2018-1728 | Cross-site Scripting vulnerability in IBM Qradar Incident Forensics IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. | 3.5 |
2018-12-04 | CVE-2018-18642 | Cross-site Scripting vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. | 4.3 |
2018-12-04 | CVE-2018-18991 | Cross-site Scripting vulnerability in Spidercontrol Scada Webserver Reflected cross-site scripting (non-persistent) in SCADA WebServer (Versions prior to 2.03.0001) could allow an attacker to send a crafted URL that contains JavaScript, which can be reflected off the web application to the victim's browser. | 4.3 |
2018-12-04 | CVE-2018-12319 | Cross-site Scripting vulnerability in Asustor Data Master 3.1.1 Denial-of-service in the login page of ASUSTOR ADM 3.1.1 allows attackers to prevent users from signing in by placing malformed text in the title. | 5.0 |
2018-12-04 | CVE-2018-12311 | Cross-site Scripting vulnerability in Asustor Data Master 3.1.1 Cross-site scripting vulnerability in File Explorer in ASUSTOR ADM version 3.1.1 allows attackers to execute arbitrary JavaScript when a file is moved via a malicious filename. | 3.5 |
2018-12-04 | CVE-2018-12310 | Cross-site Scripting vulnerability in Asustor Data Master 3.1.1 Cross-site scripting in the Login page in ASUSTOR ADM version 3.1.1 allows attackers to execute JavaScript via the System Announcement feature. | 3.5 |
2018-12-04 | CVE-2018-12305 | Cross-site Scripting vulnerability in Asustor Data Master 3.1.1 Cross-site scripting in File Explorer in ASUSTOR ADM version 3.1.1 allows attackers to execute JavaScript by uploading SVG images with embedded JavaScript. | 4.3 |
2018-12-04 | CVE-2018-11348 | Cross-site Scripting vulnerability in Yunohost Two XSS vulnerabilities are located in the profile edition page of the user panel of the YunoHost 2.7.2 through 2.7.14 web application. | 3.5 |
2018-12-04 | CVE-2018-16633 | Cross-site Scripting vulnerability in Pluck-Cms Pluck 4.7.7 Pluck v4.7.7 allows XSS via the admin.php?action=editpage&page= page title. | 3.5 |