Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-01 | CVE-2018-17835 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.15 An issue was discovered in GetSimple CMS 3.3.15. | 4.8 |
| 2018-10-01 | CVE-2018-17832 | Cross-site Scripting vulnerability in Wuzhicms Wuzhi CMS 2.0 XSS exists in WUZHI CMS 2.0 via the index.php v or f parameter. | 6.1 |
| 2018-10-01 | CVE-2018-17830 | Cross-site Scripting vulnerability in Redaxo 5.6.2 The $args variable in addons/mediapool/pages/index.php in REDAXO 5.6.2 is not effectively filtered, because names are not restricted (only values are restricted). | 5.4 |
| 2018-10-01 | CVE-2018-17218 | Cross-site Scripting vulnerability in PTC Thingworx Platform An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. | 5.4 |
| 2018-09-28 | CVE-2018-9081 | Cross-site Scripting vulnerability in Lenovo products For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the file name used for assets accessible through the Content Viewer application are vulnerable to self cross-site scripting self-XSS. | 4.7 |
| 2018-09-28 | CVE-2018-9079 | Cross-site Scripting vulnerability in Lenovo products For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, adversaries can craft URLs to modify the Document Object Model (DOM) of the page. | 9.8 |
| 2018-09-28 | CVE-2018-9078 | Cross-site Scripting vulnerability in Lenovo products For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the Content Explorer application grants users the ability to upload files to shares and this image was rendered in the browser in the device's origin instead of prompting to download the asset. | 8.8 |
| 2018-09-28 | CVE-2018-1246 | Cross-site Scripting vulnerability in Dell products Dell EMC Unity and UnityVSA contains reflected cross-site scripting vulnerability. | 6.1 |
| 2018-09-28 | CVE-2018-11075 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 contain a reflected cross-site scripting vulnerability in a Security Console page. | 4.7 |
| 2018-09-28 | CVE-2018-11074 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 are affected by a DOM-based cross-site scripting vulnerability which exists in its embedded MadCap Flare Help files. | 6.1 |