Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-02 | CVE-2019-7869 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 3.5 |
2019-08-02 | CVE-2019-7868 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 3.5 |
2019-08-02 | CVE-2019-7867 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 3.5 |
2019-08-02 | CVE-2019-7866 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 3.5 |
2019-08-02 | CVE-2019-7863 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting vulnerability exists in the admin panel for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 3.5 |
2019-08-02 | CVE-2019-7862 | Cross-site Scripting vulnerability in Magento A reflected cross-site scripting vulnerability exists in the Product widget chooser functionality in the admin panel for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 3.5 |
2019-08-02 | CVE-2019-7853 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 3.5 |
2019-08-02 | CVE-2019-6969 | Cross-site Scripting vulnerability in Dlink Dva-5592 Firmware 20180823 The web interface of the D-Link DVA-5592 20180823 is vulnerable to an authentication bypass that allows an unauthenticated user to have access to sensitive information such as the Wi-Fi password and the phone number (if VoIP is in use). | 5.0 |
2019-08-02 | CVE-2019-6968 | Cross-site Scripting vulnerability in Dlink Dva-5592 Firmware 20180823 The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected. | 4.3 |
2019-08-02 | CVE-2017-18456 | Cross-site Scripting vulnerability in Cpanel cPanel before 62.0.17 allows self XSS in the WHM cPAddons showsecurity interface (SEC-217). | 4.3 |