Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2018-09-10 CVE-2018-16780 Cross-site Scripting vulnerability in Complete Responsive CMS Blog Project Complete Responsive CMS Blog 20180520
Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment. 		5.4
5.4
2018-09-10 CVE-2018-16779 Cross-site Scripting vulnerability in Blogcms Project Blogcms
BlogCMS through 2016-10-25 has XSS via a comment.
network
low complexity
blogcms-project CWE-79
6.1
6.1
2018-09-10 CVE-2018-16776 Cross-site Scripting vulnerability in Creatiwity Witycms 0.6.2
wityCMS 0.6.2 has XSS via the "Site Name" field found in the "Contact" "Configuration" page.
network
low complexity
creatiwity CWE-79
4.8
4.8
2018-09-10 CVE-2018-16775 Cross-site Scripting vulnerability in Victor CMS Project Victor CMS 1.0/20180510
An issue was discovered in Victor CMS through 2018-05-10.
network
low complexity
victor-cms-project CWE-79
4.8
4.8
2018-09-10 CVE-2018-16773 Cross-site Scripting vulnerability in Easycms 1.5
EasyCMS 1.5 allows XSS via the index.php?s=/admin/fields/update/navTabId/listfields/callbackType/closeCurrent content field.
network
low complexity
easycms CWE-79
4.8
4.8
2018-09-10 CVE-2018-16772 Cross-site Scripting vulnerability in Hoosk 1.7.0
Hoosk v1.7.0 allows XSS via the Navigation Title of a new page entered at admin/pages/new.
network
low complexity
hoosk CWE-79
4.8
4.8
2018-09-09 CVE-2018-16759 Cross-site Scripting vulnerability in Easycms 1.4
The removeXSS function in App/Common/common.php (called from App/Modules/Index/Action/SearchAction.class.php) in EasyCMS v1.4 allows XSS via an onhashchange event.
network
low complexity
easycms CWE-79
6.1
6.1
2018-09-09 CVE-2018-16736 Cross-site Scripting vulnerability in Rcfilters Project Rcfilters 2.1.6
In the rcfilters plugin 2.1.6 for Roundcube, XSS exists via the _whatfilter and _messages parameters (in the Filters section of the settings).
network
low complexity
rcfilters-project CWE-79
5.4
5.4
2018-09-08 CVE-2018-16730 Cross-site Scripting vulnerability in Chshcms Cscms 4.1
\upload\plugins\sys\Install.php in CScms 4.1 has XSS via the site name.
network
low complexity
chshcms CWE-79
6.1
6.1
2018-09-08 CVE-2018-16725 Cross-site Scripting vulnerability in Baijiacms Project Baijiacms 4.0
An issue is discovered in baijiacms V4.
network
low complexity
baijiacms-project CWE-79
6.1
6.1