Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-01 | CVE-2018-19785 | Cross-site Scripting vulnerability in PHP-Proxy PHP-Proxy through 5.1.0 has Cross-Site Scripting (XSS) via the URL field in index.php. | 4.3 |
| 2018-11-30 | CVE-2018-7810 | Cross-site Scripting vulnerability in Schneider-Electric products An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 allowing an attacker to craft a URL containing JavaScript that will be executed within the user's browser, potentially impacting the machine the browser is running on. | 4.3 |
| 2018-11-30 | CVE-2018-0716 | Cross-site Scripting vulnerability in Qnap QTS Cross-site scripting vulnerability in QTS 4.2.6 build 20180711, QTS 4.3.3: Qsync Central 3.0.2, QTS 4.3.4: Qsync Central 3.0.3, QTS 4.3.5: Qsync Central 3.0.4 and earlier versions could allow remote attackers to inject Javascript code in the compromised application. | 4.3 |
| 2018-11-29 | CVE-2018-19527 | Cross-site Scripting vulnerability in I4 AI SI Assistant 7.85 i4 assistant 7.85 allows XSS via a crafted machine name field within iOS settings. | 4.3 |
| 2018-11-29 | CVE-2018-19752 | Cross-site Scripting vulnerability in Domainmod DomainMOD through 4.11.01 has XSS via the assets/add/registrar.php notes field for the Registrar. | 3.5 |
| 2018-11-29 | CVE-2018-19751 | Cross-site Scripting vulnerability in Domainmod DomainMOD through 4.11.01 has XSS via the admin/ssl-fields/add.php notes field for Custom SSL Fields. | 3.5 |
| 2018-11-29 | CVE-2018-19750 | Cross-site Scripting vulnerability in Domainmod DomainMOD through 4.11.01 has XSS via the admin/domain-fields/ notes field in an Add Custom Field action for Custom Domain Fields. | 3.5 |
| 2018-11-29 | CVE-2018-19749 | Cross-site Scripting vulnerability in Domainmod DomainMOD through 4.11.01 has XSS via the assets/add/account-owner.php Owner name field. | 3.5 |
| 2018-11-29 | CVE-2018-19693 | Cross-site Scripting vulnerability in Tp5Cms Project Tp5Cms 20170315/20170525 An issue was discovered in tp5cms through 2017-05-25. | 4.3 |
| 2018-11-29 | CVE-2018-1762 | Cross-site Scripting vulnerability in IBM products IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. | 3.5 |