Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2018-09-28 CVE-2018-17574 Cross-site Scripting vulnerability in Ymfe Yapi 1.3.22
An issue was discovered in YMFE YApi 1.3.23.
network
ymfe CWE-79
3.5
3.5
2018-09-28 CVE-2018-17571 Cross-site Scripting vulnerability in Vanillaforums Vanilla
Vanilla before 2.6.1 allows XSS via the email field of a profile. 		4.3
4.3
2018-09-28 CVE-2018-17056 Cross-site Scripting vulnerability in Progress Sitefinity CMS 10.2/11.0
Cross-site scripting (XSS) vulnerability in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
progress CWE-79
4.3
4.3
2018-09-28 CVE-2018-16277 Cross-site Scripting vulnerability in Xwiki
The Image Import function in XWiki through 10.7 has XSS.
network
xwiki CWE-79
3.5
3.5
2018-09-28 CVE-2018-14037 Cross-site Scripting vulnerability in Progress Kendo UI 2018.1.221
Cross-site scripting (XSS) vulnerability in Progress Kendo UI Editor v2018.1.221 allows remote attackers to inject arbitrary JavaScript into the DOM of the WYSIWYG editor because of the editorNS.Serializer toEditableHtml function in kendo.all.min.js.
network
progress CWE-79
4.3
4.3
2018-09-27 CVE-2018-1820 Cross-site Scripting vulnerability in IBM Websphere Portal
IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-09-27 CVE-2018-1716 Cross-site Scripting vulnerability in IBM Websphere Portal
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
4.3
4.3
2018-09-27 CVE-2018-1660 Cross-site Scripting vulnerability in IBM Websphere Portal
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-09-26 CVE-2018-17316 Cross-site Scripting vulnerability in Ricoh MP C6003 Firmware
On the RICOH MP C6003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
ricoh CWE-79
4.3
4.3
2018-09-26 CVE-2018-17315 Cross-site Scripting vulnerability in Ricoh MP C2003Sp Firmware
On the RICOH MP C2003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
ricoh CWE-79
4.3
4.3