Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-26 | CVE-2018-15606 | Cross-site Scripting vulnerability in Salesagility Suitecrm An XSS issue was discovered in SalesAgility SuiteCRM 7.x before 7.8.21 and 7.10.x before 7.10.8, related to phishing an error message. | 6.1 |
| 2018-09-26 | CVE-2018-7355 | Cross-site Scripting vulnerability in ZTE Mf65 Firmware and Mf65M1 Firmware All versions up to V1.0.0B05 of ZTE MF65 and all versions up to V1.0.0B02 of ZTE MF65M1 are impacted by cross-site scripting vulnerability. | 6.1 |
| 2018-09-26 | CVE-2018-1610 | Cross-site Scripting vulnerability in IBM Rational Doors Next Generation IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. | 5.4 |
| 2018-09-25 | CVE-2018-1659 | Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. | 5.4 |
| 2018-09-25 | CVE-2018-1560 | Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. | 5.4 |
| 2018-09-25 | CVE-2018-6051 | Cross-site Scripting vulnerability in multiple products XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page. | 4.3 |
| 2018-09-24 | CVE-2018-6682 | Cross-site Scripting vulnerability in Mcafee True KEY 4.0.0.0 Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expose confidential data via a crafted web site. | 6.1 |
| 2018-09-23 | CVE-2018-17369 | Cross-site Scripting vulnerability in Springboot Authority Project Springboot Authority 20170306 An issue was discovered in springboot_authority through 2017-03-06. | 4.8 |
| 2018-09-23 | CVE-2018-17361 | Cross-site Scripting vulnerability in Weaselcms Project Weaselcms 0.3.6 Multiple XSS vulnerabilities in WeaselCMS v0.3.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php because $_SERVER['PHP_SELF'] is mishandled. | 6.1 |
| 2018-09-22 | CVE-2018-17322 | Cross-site Scripting vulnerability in Yunucms 1.1.4 Cross-site scripting (XSS) vulnerability in index.php/index/category/index in YUNUCMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the area parameter. | 6.1 |