Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-28 | CVE-2018-1246 | Cross-site Scripting vulnerability in Dell products Dell EMC Unity and UnityVSA contains reflected cross-site scripting vulnerability. | 4.3 |
| 2018-09-28 | CVE-2018-11075 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 contain a reflected cross-site scripting vulnerability in a Security Console page. | 2.6 |
| 2018-09-28 | CVE-2018-11074 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 are affected by a DOM-based cross-site scripting vulnerability which exists in its embedded MadCap Flare Help files. | 4.3 |
| 2018-09-28 | CVE-2018-11073 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 contain a stored cross-site scripting vulnerability in the Operations Console. | 3.5 |
| 2018-09-28 | CVE-2018-15365 | Cross-site Scripting vulnerability in Trendmicro Deep Discovery Inspector 3.85 A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. | 3.5 |
| 2018-09-28 | CVE-2018-17574 | Cross-site Scripting vulnerability in Ymfe Yapi 1.3.22 An issue was discovered in YMFE YApi 1.3.23. | 3.5 |
| 2018-09-28 | CVE-2018-17571 | Cross-site Scripting vulnerability in Vanillaforums Vanilla Vanilla before 2.6.1 allows XSS via the email field of a profile. | 4.3 |
| 2018-09-28 | CVE-2018-17056 | Cross-site Scripting vulnerability in Progress Sitefinity CMS 10.2/11.0 Cross-site scripting (XSS) vulnerability in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2018-09-28 | CVE-2018-16277 | Cross-site Scripting vulnerability in Xwiki The Image Import function in XWiki through 10.7 has XSS. | 3.5 |
| 2018-09-28 | CVE-2018-14037 | Cross-site Scripting vulnerability in Progress Kendo UI 2018.1.221 Cross-site scripting (XSS) vulnerability in Progress Kendo UI Editor v2018.1.221 allows remote attackers to inject arbitrary JavaScript into the DOM of the WYSIWYG editor because of the editorNS.Serializer toEditableHtml function in kendo.all.min.js. | 4.3 |