Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-08 | CVE-2019-14770 | Cross-site Scripting vulnerability in Backdropcms Backdrop Core In Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3, some menu links within the administration bar may be crafted to execute JavaScript when the administrator is logged in and uses the search functionality. | 4.3 |
2019-08-08 | CVE-2019-14769 | Cross-site Scripting vulnerability in Backdropcms Backdrop Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 doesn't sufficiently filter output when displaying certain block labels created by administrators. | 4.3 |
2019-08-07 | CVE-2019-14750 | Cross-site Scripting vulnerability in Osticket An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. | 4.3 |
2019-08-07 | CVE-2019-14748 | Cross-site Scripting vulnerability in Osticket An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. | 3.5 |
2019-08-07 | CVE-2019-14747 | Cross-site Scripting vulnerability in Diaowen Dwsurvey 20190722 DWSurvey through 2019-07-22 has stored XSS via the design/my-survey-design!copySurvey.action surveyName parameter. | 4.3 |
2019-08-07 | CVE-2019-10376 | Cross-site Scripting vulnerability in Jenkins Wall Display A reflected cross-site scripting vulnerability in Jenkins Wall Display Plugin 0.6.34 and earlier allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin. | 6.1 |
2019-08-07 | CVE-2019-10374 | Cross-site Scripting vulnerability in Jenkins Pegdown Formatter A stored cross-site scripting vulnerability in Jenkins PegDown Formatter Plugin 1.3 and earlier allows attackers able to edit descriptions and other fields rendered using the configured markup formatter to insert links with the javascript scheme into the Jenkins UI. | 5.4 |
2019-08-07 | CVE-2019-10373 | Cross-site Scripting vulnerability in Jenkins Build Pipeline A stored cross-site scripting vulnerability in Jenkins Build Pipeline Plugin 1.5.8 and earlier allows attackers able to edit the build pipeline description to inject arbitrary HTML and JavaScript in the plugin-provided web pages in Jenkins. | 5.4 |
2019-08-07 | CVE-2017-18483 | Cross-site Scripting vulnerability in Annke SP1 Firmware 3.4.1.160407110 ANNKE SP1 HD wireless camera 3.4.1.1604071109 devices allow XSS via a crafted SSID. | 4.3 |
2019-08-07 | CVE-2016-10806 | Cross-site Scripting vulnerability in Cpanel cPanel before 57.9999.54 allows self XSS on the Paper Lantern Landing Page (SEC-110). | 3.5 |