Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-08 | CVE-2017-18484 | Cross-site Scripting vulnerability in Elementalpath Cognitoys Dino Firmware Cognitoys Dino devices allow XSS via the SSID. | 4.3 |
2019-08-08 | CVE-2019-14774 | Cross-site Scripting vulnerability in Getwooplugins Woo-Variation-Swatches 1.0.61 The woo-variation-swatches (aka Variation Swatches for WooCommerce) plugin 1.0.61 for WordPress allows XSS via the wp-admin/admin.php?page=woo-variation-swatches-settings tab parameter. | 6.1 |
2019-08-08 | CVE-2018-20962 | Cross-site Scripting vulnerability in Backpackforlaravel BackpackCrud The Backpack\CRUD Backpack component before 3.4.9 for Laravel allows XSS via the select field type. | 4.3 |
2019-08-08 | CVE-2019-12397 | Cross-site Scripting vulnerability in Apache Ranger Policy import functionality in Apache Ranger 0.7.0 to 1.2.0 is vulnerable to a cross-site scripting issue. | 6.1 |
2019-08-08 | CVE-2019-14772 | Cross-site Scripting vulnerability in Verdaccio verdaccio before 3.12.0 allows XSS. | 4.3 |
2019-08-08 | CVE-2019-14221 | Cross-site Scripting vulnerability in 1Crm On-Premise 8.5.7 1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation. | 3.5 |
2019-08-08 | CVE-2016-10864 | Cross-site Scripting vulnerability in Netgear Ex7000 Firmware NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID. | 2.9 |
2019-08-08 | CVE-2019-1973 | Cross-site Scripting vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure 3.11.1/3.5.1/3.5.2 A vulnerability in the web portal framework of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. | 3.5 |
2019-08-08 | CVE-2019-1956 | Cross-site Scripting vulnerability in Cisco Spa112 2-Port Phone Adapter Firmware A vulnerability in the web-based interface of the Cisco SPA112 2-Port Phone Adapter could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against another user of the device. | 3.5 |
2019-08-08 | CVE-2019-1949 | Cross-site Scripting vulnerability in Cisco Firepower Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 4.8 |