Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-06 | CVE-2016-10778 | Cross-site Scripting vulnerability in Cpanel cPanel before 60.0.25 allows self stored XSS in the listftpstable API (SEC-178). | 3.5 |
| 2019-08-06 | CVE-2016-10777 | Cross-site Scripting vulnerability in Cpanel cPanel before 60.0.25 allows self XSS in WHM Tweak Settings for autodiscover_host (SEC-177). | 3.5 |
| 2019-08-06 | CVE-2016-10776 | Cross-site Scripting vulnerability in Cpanel cPanel before 60.0.25 allows stored XSS during the homedir removal phase of WHM Account termination (SEC-174). | 3.5 |
| 2019-08-05 | CVE-2019-14672 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III 4.7.17.5 Firefly III 4.7.17.5 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the liability name field. | 3.5 |
| 2019-08-05 | CVE-2019-14670 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III 4.7.17.3 Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the bill name field. | 3.5 |
| 2019-08-05 | CVE-2019-14669 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III 4.7.17.3 Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the asset account name. | 3.5 |
| 2019-08-05 | CVE-2019-14668 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III 4.7.17.3 Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the transaction description field. | 3.5 |
| 2019-08-05 | CVE-2019-14667 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III 4.7.17.4 Firefly III 4.7.17.4 is vulnerable to multiple stored XSS issues due to the lack of filtration of user-supplied data in the transaction description field and the asset account name. | 4.3 |
| 2019-08-05 | CVE-2019-14550 | Cross-site Scripting vulnerability in Espocrm An issue was discovered in EspoCRM before 5.6.9. | 3.5 |
| 2019-08-05 | CVE-2019-14549 | Cross-site Scripting vulnerability in Espocrm An issue was discovered in EspoCRM before 5.6.9. | 3.5 |