Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2019-08-02 CVE-2017-18454 Cross-site Scripting vulnerability in Cpanel
cPanel before 62.0.24 allows stored XSS in the WHM cPAddons install interface (SEC-262).
network
cpanel CWE-79
3.5
3.5
2019-08-02 CVE-2017-18420 Cross-site Scripting vulnerability in Cpanel
cPanel before 66.0.2 allows stored XSS during WHM cPAddons processing (SEC-269).
network
cpanel CWE-79
3.5
3.5
2019-08-02 CVE-2017-18419 Cross-site Scripting vulnerability in Cpanel
cPanel before 66.0.2 allows stored XSS during WHM cPAddons uninstallation (SEC-266).
network
cpanel CWE-79
3.5
3.5
2019-08-02 CVE-2017-18418 Cross-site Scripting vulnerability in Cpanel
cPanel before 66.0.2 allows stored XSS during WHM cPAddons file operations (SEC-265).
network
cpanel CWE-79
3.5
3.5
2019-08-02 CVE-2017-18417 Cross-site Scripting vulnerability in Cpanel
cPanel before 66.0.2 allows stored XSS during WHM cPAddons installation (SEC-263).
network
cpanel CWE-79
3.5
3.5
2019-08-02 CVE-2017-18408 Cross-site Scripting vulnerability in Cpanel
cPanel before 67.9999.103 allows stored XSS in WHM MySQL Password Change interfaces (SEC-282).
network
cpanel CWE-79
3.5
3.5
2019-08-02 CVE-2017-18402 Cross-site Scripting vulnerability in Cpanel
cPanel before 68.0.15 allows stored XSS during a cpaddons moderated upgrade (SEC-336).
network
cpanel CWE-79
3.5
3.5
2019-08-01 CVE-2019-14517 Cross-site Scripting vulnerability in Editor.Md Project Editor.Md 1.5.0
pandao Editor.md 1.5.0 allows XSS via the Javascript: string. 		4.3
4.3
2019-08-01 CVE-2019-5401 Cross-site Scripting vulnerability in HP Hp2910Al-48G Firmware W.15.14.00.16
A potential security vulnerability has been identified in HP2910al-48G version W.15.14.0016.
network
hp CWE-79
3.5
3.5
2019-08-01 CVE-2016-10813 Cross-site Scripting vulnerability in Cpanel
cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains (SEC-118).
network
cpanel CWE-79
3.5
3.5