Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-13 | CVE-2018-19439 | Cross-site Scripting vulnerability in Oracle Secure Global Desktop 4.4 XSS exists in the Administration Console in Oracle Secure Global Desktop 4.4 20080807152602 (but was fixed in later versions including 5.4). | 4.3 |
| 2018-12-13 | CVE-2018-20138 | Cross-site Scripting vulnerability in Readymadeb2Bscript Entrepreneur B2B Script 3.0.6 PHP Scripts Mall Entrepreneur B2B Script 3.0.6 allows Stored XSS via Account Settings fields such as FirstName and LastName, a similar issue to CVE-2018-14541. | 3.5 |
| 2018-12-13 | CVE-2018-20137 | Cross-site Scripting vulnerability in Thedaylightstudio Fuel CMS 1.4.3 XSS exists in FUEL CMS 1.4.3 via the Page title, Meta description, or Meta keywords during page data management, as demonstrated by the pages/edit/1?lang=english URI. | 3.5 |
| 2018-12-13 | CVE-2018-20136 | Cross-site Scripting vulnerability in Thedaylightstudio Fuel CMS 1.4.3 XSS exists in FUEL CMS 1.4.3 via the Header or Body in the Layout Variables during new-page creation, as demonstrated by the pages/edit/1?lang=english URI. | 3.5 |
| 2018-12-13 | CVE-2018-1817 | Cross-site Scripting vulnerability in IBM Security Guardium IBM Security Guardium 10 and 10.5 is vulnerable to cross-site scripting. | 4.3 |
| 2018-12-13 | CVE-2018-1815 | Cross-site Scripting vulnerability in IBM Security Access Manager IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 for Enterprise Single-Sign On is vulnerable to cross-site scripting. | 4.3 |
| 2018-12-13 | CVE-2018-1740 | Cross-site Scripting vulnerability in IBM Security Access Manager IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 is vulnerable to cross-site scripting. | 3.5 |
| 2018-12-13 | CVE-2018-1667 | Cross-site Scripting vulnerability in IBM Datapower Gateway IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 is vulnerable to cross-site scripting. | 3.5 |
| 2018-12-13 | CVE-2018-16555 | Cross-site Scripting vulnerability in Siemens products A vulnerability has been identified in SCALANCE S602 (All versions < V4.0.1.1), SCALANCE S612 (All versions < V4.0.1.1), SCALANCE S623 (All versions < V4.0.1.1), SCALANCE S627-2M (All versions < V4.0.1.1). | 3.5 |
| 2018-12-13 | CVE-2018-1653 | Cross-site Scripting vulnerability in IBM Security Access Manager IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 is vulnerable to cross-site scripting. | 3.5 |