Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-12-21 | CVE-2018-20322 | Cross-site Scripting vulnerability in Limesurvey LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulnerability in Survey Resource zip upload, resulting in Javascript code execution against LimeSurvey administrators. | 4.3 |
2018-12-21 | CVE-2018-16778 | Cross-site Scripting vulnerability in Jenzabar 8.2.1/9.2.0 Cross-site scripting (XSS) vulnerability in Jenzabar v8.2.1 through 9.2.0 allows remote attackers to inject arbitrary web script or HTML via the query parameter (aka the Search Field). | 4.3 |
2018-12-21 | CVE-2018-20339 | Cross-site Scripting vulnerability in Zohocorp Manageengine Opmanager 12.3 Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS in the Notes column of the Alarms section. | 4.3 |
2018-12-21 | CVE-2018-20328 | Cross-site Scripting vulnerability in Chamilo LMS 1.11.8 Chamilo LMS version 1.11.8 contains XSS in main/social/group_view.php in the social groups tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. | 3.5 |
2018-12-21 | CVE-2018-20327 | Cross-site Scripting vulnerability in Chamilo LMS 1.11.8 Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebook_list.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. | 3.5 |
2018-12-20 | CVE-2018-14846 | Cross-site Scripting vulnerability in Mondula Multi Step Form The Mondula Multi Step Form plugin before 1.2.8 for WordPress has multiple stored XSS via wp-admin/admin-ajax.php. | 3.5 |
2018-12-20 | CVE-2018-12651 | Cross-site Scripting vulnerability in Myadrenalin Human Resource Management Software 5.4.0 A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. | 4.3 |
2018-12-20 | CVE-2018-8891 | Cross-site Scripting vulnerability in Blackberry Unified Endpoint Manager Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator. | 3.5 |
2018-12-20 | CVE-2018-8888 | Cross-site Scripting vulnerability in Blackberry Unified Endpoint Manager A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator. | 3.5 |
2018-12-20 | CVE-2018-1000874 | Cross-site Scripting vulnerability in Cebe Markdown PHP cebe markdown parser version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in all distributed parsers allowing a malicious crafted script to be executed that can result in the lose of user data and sensitive user information. | 6.1 |