Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-18 | CVE-2016-10994 | Cross-site Scripting vulnerability in Truemag Theme Project Truemag Theme 2016Q2 The Truemag theme 2016 Q2 for WordPress has XSS via the s parameter. | 4.3 |
| 2019-09-17 | CVE-2019-16392 | Cross-site Scripting vulnerability in multiple products SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages. | 6.1 |
| 2019-09-17 | CVE-2019-6835 | Cross-site Scripting vulnerability in Schneider-Electric products A Cross-Site Scripting (XSS) CWE-79 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an attacker to inject client-side script when a user visits a web page. | 5.4 |
| 2019-09-17 | CVE-2019-13538 | Cross-site Scripting vulnerability in Codesys 3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior to 3.5.16.0, allows the system to display active library content without checking its validity, which may allow the contents of manipulated libraries to be displayed or executed. | 6.8 |
| 2019-09-17 | CVE-2019-4342 | Cross-site Scripting vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-09-17 | CVE-2019-4270 | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site scripting. | 5.4 |
| 2019-09-17 | CVE-2019-11559 | Cross-site Scripting vulnerability in Hrworks 1.16.1 A reflected Cross-site scripting (XSS) vulnerability in HRworks V 1.16.1 allows remote attackers to inject arbitrary web script or HTML via the URL parameter to the Login component. | 6.1 |
| 2019-09-17 | CVE-2016-10993 | Cross-site Scripting vulnerability in Scoreme Project Scoreme 20160401 The ScoreMe theme through 2016-04-01 for WordPress has XSS via the s parameter. | 3.5 |
| 2019-09-17 | CVE-2016-10992 | Cross-site Scripting vulnerability in Codepeople Music Store The music-store plugin before 1.0.43 for WordPress has XSS via the wp-admin/admin.php?page=music-store-menu-reports from_year parameter. | 4.3 |
| 2019-09-17 | CVE-2016-10990 | Cross-site Scripting vulnerability in Wpcerber Cerber Security Antispam & Malware Scan 2.0.1.6 The wp-cerber plugin before 2.7 for WordPress has XSS via the X-Forwarded-For HTTP header. | 4.3 |