Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-23 | CVE-2019-15480 | Cross-site Scripting vulnerability in Domoticz 4.10717 Domoticz 4.10717 has XSS via item.Name. | 3.5 |
| 2019-08-23 | CVE-2019-15477 | Cross-site Scripting vulnerability in Jooby Jooby before 1.6.4 has XSS via the default error handler. | 4.3 |
| 2019-08-23 | CVE-2019-15476 | Cross-site Scripting vulnerability in Former Project Former Former before 4.2.1 has XSS via a checkbox value. | 4.3 |
| 2019-08-23 | CVE-2019-15499 | Cross-site Scripting vulnerability in Hackmd Codimd 1.3.1 CodiMD 1.3.1, when Safari is used, allows XSS via an IFRAME element with allow-top-navigation in the sandbox attribute, in conjunction with a data: URL. | 4.3 |
| 2019-08-22 | CVE-2019-15328 | Cross-site Scripting vulnerability in Codection Import Users From CSV With Meta The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS. | 4.3 |
| 2019-08-22 | CVE-2019-15327 | Cross-site Scripting vulnerability in Codection Import Users From CSV With Meta The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data. | 4.3 |
| 2019-08-22 | CVE-2018-20986 | Cross-site Scripting vulnerability in Advancedcustomfields Advanced Custom Fields The advanced-custom-fields (aka Elliot Condon Advanced Custom Fields) plugin before 5.7.8 for WordPress has XSS by authors. | 3.5 |
| 2019-08-22 | CVE-2017-18579 | Cross-site Scripting vulnerability in Dwbooster Corner AD The corner-ad plugin before 1.0.8 for WordPress has XSS. | 4.3 |
| 2019-08-22 | CVE-2017-18578 | Cross-site Scripting vulnerability in Crafty Social Buttons Project Crafty Social Buttons The crafty-social-buttons plugin before 1.5.8 for WordPress has XSS. | 4.3 |
| 2019-08-22 | CVE-2014-10393 | Cross-site Scripting vulnerability in Cformsii Project Cformsii The cforms2 plugin before 10.5 for WordPress has XSS. | 4.3 |