Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2019-08-12 CVE-2016-10873 Cross-site Scripting vulnerability in Wpseeds WP Database Backup
The wp-database-backup plugin before 4.3.3 for WordPress has XSS.
network
low complexity
wpseeds CWE-79
6.1
6.1
2019-08-12 CVE-2015-9306 Cross-site Scripting vulnerability in Smackcoders Import ALL Pages, Post Types, Products, Orders, and Users AS XML & CSV
The wp-ultimate-csv-importer plugin before 3.8.1 for WordPress has XSS.
network
low complexity
smackcoders CWE-79
6.1
6.1
2019-08-12 CVE-2015-9305 Cross-site Scripting vulnerability in Flippercode WP Google MAP
The wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS related to the add_query_arg() and remove_query_arg() functions.
network
low complexity
flippercode CWE-79
6.1
6.1
2019-08-09 CVE-2019-14807 Cross-site Scripting vulnerability in Mediawiki Mobilefrontend 1.31.0/1.32.0/1.33.0
In the MobileFrontend extension 1.31 through 1.33 for MediaWiki, XSS exists within the edit summary field in includes/specials/MobileSpecialPageFeed.php.
network
mediawiki CWE-79
4.3
4.3
2019-08-09 CVE-2019-11274 Cross-site Scripting vulnerability in Cloudfoundry User Account and Authentication
Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. 		4.3
4.3
2019-08-09 CVE-2018-20827 Cross-site Scripting vulnerability in Atlassian Jira
The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the country parameter.
network
atlassian CWE-79
3.5
3.5
2019-08-09 CVE-2019-11776 Cross-site Scripting vulnerability in Eclipse Business Intelligence and Reporting Tools
In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflected XSS in URL parameter.
network
eclipse CWE-79
4.3
4.3
2019-08-09 CVE-2019-5403 Cross-site Scripting vulnerability in HP 3Par Storeserv Management Console 3.3.1/3.5
A remote multiple cross-site scripting vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
network
hp CWE-79
3.5
3.5
2019-08-09 CVE-2019-5398 Cross-site Scripting vulnerability in HP 3Par Service Processor Firmware
A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
network
hp CWE-79
3.5
3.5
2019-08-09 CVE-2019-5397 Cross-site Scripting vulnerability in HP 3Par Service Processor Firmware
A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
network
low complexity
hp CWE-79
critical
 9.7
9.7