Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-04 | CVE-2018-1603 | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. | 3.5 |
| 2018-10-04 | CVE-2018-1602 | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. | 3.5 |
| 2018-10-03 | CVE-2018-17054 | Cross-site Scripting vulnerability in Progress Sitefinity CMS Cross-site scripting (XSS) vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17053. | 4.3 |
| 2018-10-03 | CVE-2018-17053 | Cross-site Scripting vulnerability in Progress Sitefinity CMS Cross-site scripting (XSS) vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17054. | 4.3 |
| 2018-10-03 | CVE-2018-16050 | Cross-site Scripting vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.5 and 11.2.x before 11.2.2. | 4.3 |
| 2018-10-03 | CVE-2018-1794 | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using OAuth ear is vulnerable to cross-site scripting. | 4.3 |
| 2018-10-03 | CVE-2018-1793 | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using SAML ear is vulnerable to cross-site scripting. | 4.3 |
| 2018-10-03 | CVE-2018-17947 | Cross-site Scripting vulnerability in Atmist Snazzy Maps The Snazzy Maps plugin before 1.1.5 for WordPress has XSS via the text or tab parameter. | 4.3 |
| 2018-10-03 | CVE-2018-17946 | Cross-site Scripting vulnerability in Tribulant Slideshow Gallery The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPress has XSS via the id, method, Gallerymessage, Galleryerror, or Galleryupdated parameter. | 4.3 |
| 2018-10-02 | CVE-2018-17886 | Cross-site Scripting vulnerability in Jeesns 1.3 An issue was discovered in JEESNS 1.3. | 3.5 |