Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-21 | CVE-2018-14691 | Cross-site Scripting vulnerability in Subsonic 6.1.1 An issue was discovered in Subsonic 6.1.1. | 6.1 |
| 2018-09-21 | CVE-2018-14690 | Cross-site Scripting vulnerability in Subsonic 6.1.1 An issue was discovered in Subsonic 6.1.1. | 6.1 |
| 2018-09-21 | CVE-2018-14689 | Cross-site Scripting vulnerability in Subsonic 6.1.1 An issue was discovered in Subsonic 6.1.1. | 6.1 |
| 2018-09-21 | CVE-2018-14688 | Cross-site Scripting vulnerability in Subsonic 6.1.1 An issue was discovered in Subsonic 6.1.1. | 6.1 |
| 2018-09-21 | CVE-2018-11352 | Cross-site Scripting vulnerability in Wallabag The Wallabag application 2.2.3 to 2.3.2 is affected by one cross-site scripting (XSS) vulnerability that is stored within the configuration page. | 4.0 |
| 2018-09-21 | CVE-2018-16786 | Cross-site Scripting vulnerability in Dedecms 5.7 DedeCMS 5.7 SP2 allows XSS via an onhashchange attribute in the msg parameter to /plus/feedback_ajax.php. | 6.1 |
| 2018-09-21 | CVE-2018-17302 | Cross-site Scripting vulnerability in Espocrm 5.3.6 Stored XSS exists in views/fields/wysiwyg.js in EspoCRM 5.3.6 via a /#Email/view saved draft message. | 5.4 |
| 2018-09-21 | CVE-2018-17301 | Cross-site Scripting vulnerability in Espocrm 5.3.6 Reflected XSS exists in client/res/templates/global-search/name-field.tpl in EspoCRM 5.3.6 via /#Account in the search panel. | 5.4 |
| 2018-09-21 | CVE-2018-17300 | Cross-site Scripting vulnerability in Cuppacms Stored XSS exists in CuppaCMS through 2018-09-03 via an administrator/#/component/table_manager/view/cu_menus section name. | 4.8 |
| 2018-09-20 | CVE-2018-6502 | Cross-site Scripting vulnerability in HP Arcsight Management Center 2.0/2.9.1 A potential Reflected Cross-Site Scripting (XSS) Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. | 6.1 |