Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-16	CVE-2016-10963	Cross-site Scripting vulnerability in Icegram Engage The icegram plugin before 1.9.19 for WordPress has XSS. network low complexity icegram CWE-79	6.1
2019-09-16	CVE-2016-10961	Cross-site Scripting vulnerability in Inkthemes Colorway The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter. network low complexity inkthemes CWE-79	6.1
2019-09-16	CVE-2016-10957	Cross-site Scripting vulnerability in Akal Project Akal 20160822 The Akal theme through 2016-08-22 for WordPress has XSS via the framework/brad-shortcodes/tinymce/preview.php sc parameter. network akal-project CWE-79	4.3
2019-09-15	CVE-2019-16334	Cross-site Scripting vulnerability in Bludit 3.9.2 In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categories -> Add New Category -> Name field. network bludit CWE-79	3.5
2019-09-15	CVE-2019-16333	Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.15 GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting (XSS) in admin/theme-edit.php. network get-simple CWE-79	3.5
2019-09-15	CVE-2019-16332	Cross-site Scripting vulnerability in API Bearer Auth Project API Bearer Auth In the api-bearer-auth plugin before 20190907 for WordPress, the server parameter is not correctly filtered in the swagger-config.yaml.php file, and it is possible to inject JavaScript code, aka XSS. network api-bearer-auth-project CWE-79	4.3
2019-09-15	CVE-2019-16321	Cross-site Scripting vulnerability in Scadabr 1.0Ce/1.1.0 ScadaBR 1.0CE, and 1.1.x through 1.1.0-RC, has XSS via a request for a nonexistent resource, as demonstrated by the dwr/test/ PATH_INFO. network scadabr CWE-79	4.3
2019-09-14	CVE-2019-16307	Cross-site Scripting vulnerability in Fujixerox Docushare 7.0.0.C1.609 A Reflected Cross-Site Scripting (XSS) vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter (webExMeetingLogin.jsp) and meetingKey parameter (deleteWebExMeetingCheck.jsp). network fujixerox CWE-79	4.3
2019-09-14	CVE-2019-16312	Cross-site Scripting vulnerability in S-Cms 3.0 s-cms V3.0 has XSS in index.php?type=text via the S_id parameter. network s-cms CWE-79	4.3
2019-09-14	CVE-2019-16310	Cross-site Scripting vulnerability in Niushop 1.11 NIUSHOP V1.11 has XSS via the index.php?s=/admin URI. network niushop CWE-79	3.5