Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-23 | CVE-2019-11584 | Cross-site Scripting vulnerability in Atlassian Jira The MigratePriorityScheme resource in Jira before version 8.3.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the priority icon url of an issue priority. | 4.3 |
| 2019-08-23 | CVE-2019-15492 | Cross-site Scripting vulnerability in It-Novum Openitcockpit openITCOCKPIT before 3.7.1 has reflected XSS, aka RVID 3-445b21. | 4.3 |
| 2019-08-23 | CVE-2019-15488 | Cross-site Scripting vulnerability in Igniterealtime Openfire Ignite Realtime Openfire before 4.4.1 has reflected XSS via an LDAP setup test. | 4.3 |
| 2019-08-23 | CVE-2019-15487 | Cross-site Scripting vulnerability in Schoolexperience Department FOR Education School Experience DfE School Experience before v16333-GA has XSS via a teacher training URL. | 4.3 |
| 2019-08-23 | CVE-2019-15486 | Cross-site Scripting vulnerability in Django JS Reverse Project Django JS Reserve django-js-reverse (aka Django JS Reverse) before 0.9.1 has XSS via js_reverse_inline. | 4.3 |
| 2019-08-23 | CVE-2019-15485 | Cross-site Scripting vulnerability in Boltcms Bolt Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php. | 4.3 |
| 2019-08-23 | CVE-2019-15484 | Cross-site Scripting vulnerability in Boltcms Bolt Bolt before 3.6.10 has XSS via an image's alt or title field. | 4.3 |
| 2019-08-23 | CVE-2019-15483 | Cross-site Scripting vulnerability in Boltcms Bolt Bolt before 3.6.10 has XSS via a title that is mishandled in the system log. | 4.3 |
| 2019-08-23 | CVE-2019-15482 | Cross-site Scripting vulnerability in Selectize-Plugin-A11Y Project Selectize-Plugin-A11Y selectize-plugin-a11y before 1.1.0 has XSS via the msg field. | 4.3 |
| 2019-08-23 | CVE-2019-15481 | Cross-site Scripting vulnerability in Kimai 2 Kimai v2 before 1.1 has XSS via a timesheet description. | 4.3 |