Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-15 | CVE-2018-18296 | Cross-site Scripting vulnerability in Metinfo 6.1.2 MetInfo 6.1.2 has XSS via the /admin/index.php bigclass parameter in an n=column&a=doadd action. | 6.1 |
| 2018-10-14 | CVE-2018-18291 | Cross-site Scripting vulnerability in Asus Rt-Ac58U Firmware 3.0.0.4.380.6516 A cross site scripting (XSS) vulnerability on ASUS RT-AC58U 3.0.0.4.380_6516 devices allows remote attackers to inject arbitrary web script or HTML via Advanced_ASUSDDNS_Content.asp, Advanced_WSecurity_Content.asp, Advanced_Wireless_Content.asp, Logout.asp, Main_Login.asp, MobileQIS_Login.asp, QIS_wizard.htma, YandexDNS.asp, ajax_status.xml, apply.cgi, clients.asp, disk.asp, disk_utility.asp, or internet.asp. | 6.1 |
| 2018-10-14 | CVE-2018-18290 | Cross-site Scripting vulnerability in Nconsulting Nc-Cms An issue was discovered in nc-cms through 2017-03-10. | 4.8 |
| 2018-10-12 | CVE-2018-18282 | Cross-site Scripting vulnerability in Zeit Next.Js 7.0.0/7.0.1 Next.js 7.0.0 and 7.0.1 has XSS via the 404 or 500 /_error page. | 6.1 |
| 2018-10-12 | CVE-2018-10141 | Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject arbitrary JavaScript or HTML. | 6.1 |
| 2018-10-12 | CVE-2018-16210 | Cross-site Scripting vulnerability in Wago 750-881 Ethernet Controller Devices Firmware 01.08.01(10)/01.09.18(13) WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMP_DESC or SNMP_LOC_SNMP_CONT field. | 6.1 |
| 2018-10-12 | CVE-2018-14664 | Cross-site Scripting vulnerability in Theforeman Foreman 1.18.0 A flaw was found in foreman from versions 1.18. | 5.4 |
| 2018-10-12 | CVE-2018-18271 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.7 XSS exists in CMS Made Simple version 2.2.7 via the m1_extra parameter in an admin/moduleinterface.php "Content-->News-->Add Article" action. | 6.1 |
| 2018-10-12 | CVE-2018-18270 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.7 XSS exists in CMS Made Simple version 2.2.7 via the m1_news_url parameter in an admin/moduleinterface.php "Content-->News-->Add Article" action. | 6.1 |
| 2018-10-12 | CVE-2018-1534 | Cross-site Scripting vulnerability in IBM Rational Publishing Engine 6.0.5/6.0.6 IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to cross-site scripting. | 5.4 |