Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-03 | CVE-2018-11317 | Cross-site Scripting vulnerability in Intelliants Subrion Subrion CMS before 4.1.4 has XSS. | 4.3 |
| 2019-07-03 | CVE-2018-11227 | Cross-site Scripting vulnerability in Monstra CMS Monstra CMS 3.0.4 and earlier has XSS via index.php. | 4.3 |
| 2019-07-02 | CVE-2019-7255 | Cross-site Scripting vulnerability in Nortekcontrol products Linear eMerge E3-Series devices allow XSS. | 6.1 |
| 2019-07-02 | CVE-2019-4134 | Cross-site Scripting vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. | 6.1 |
| 2019-07-01 | CVE-2019-3962 | Cross-site Scripting vulnerability in Tenable Nessus Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a malicious URL and use Nessus to send fraudulent messages. | 4.3 |
| 2019-07-01 | CVE-2019-1578 | Cross-site Scripting vulnerability in Paloaltonetworks Minemeld 0.9.60 Cross-site scripting vulnerability in Palo Alto Networks MineMeld version 0.9.60 and earlier may allow a remote attacker able to convince an authenticated MineMeld admin to type malicious input in the MineMeld UI could execute arbitrary JavaScript code in the admin’s browser. | 4.3 |
| 2019-07-01 | CVE-2016-5236 | Cross-site Scripting vulnerability in F5 Websafe Alert Server 1.0.0/3.9.5 Cross-Site-Scripting (XSS) vulnerabilities in F5 WebSafe Dashboard 3.9.5 and earlier, aka F5 WebSafe Alert Server, allow privileged authenticated users to inject arbitrary web script or HTML when creating a new user, account or signature. | 3.5 |
| 2019-07-01 | CVE-2016-5235 | Cross-site Scripting vulnerability in F5 Websafe Alert Server 1.0.0/3.9.5 A Cross Site Scripting (XSS) vulnerability in versions of F5 WebSafe Dashboard 3.9.x and earlier, aka F5 WebSafe Alert Server, allows an unauthenticated user to inject HTML via a crafted alert. | 4.3 |
| 2019-07-01 | CVE-2019-4410 | Cross-site Scripting vulnerability in IBM products IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, and 19.0.0.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-07-01 | CVE-2019-4237 | Cross-site Scripting vulnerability in IBM products A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. | 5.4 |