Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-09-28 | CVE-2018-17574 | Cross-site Scripting vulnerability in Ymfe Yapi 1.3.22 An issue was discovered in YMFE YApi 1.3.23. | 3.5 |
2018-09-28 | CVE-2018-17571 | Cross-site Scripting vulnerability in Vanillaforums Vanilla Vanilla before 2.6.1 allows XSS via the email field of a profile. | 4.3 |
2018-09-28 | CVE-2018-17056 | Cross-site Scripting vulnerability in Progress Sitefinity CMS 10.2/11.0 Cross-site scripting (XSS) vulnerability in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2018-09-28 | CVE-2018-16277 | Cross-site Scripting vulnerability in Xwiki The Image Import function in XWiki through 10.7 has XSS. | 3.5 |
2018-09-28 | CVE-2018-14037 | Cross-site Scripting vulnerability in Progress Kendo UI 2018.1.221 Cross-site scripting (XSS) vulnerability in Progress Kendo UI Editor v2018.1.221 allows remote attackers to inject arbitrary JavaScript into the DOM of the WYSIWYG editor because of the editorNS.Serializer toEditableHtml function in kendo.all.min.js. | 4.3 |
2018-09-27 | CVE-2018-1820 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 3.5 |
2018-09-27 | CVE-2018-1716 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 4.3 |
2018-09-27 | CVE-2018-1660 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 3.5 |
2018-09-26 | CVE-2018-17316 | Cross-site Scripting vulnerability in Ricoh MP C6003 Firmware On the RICOH MP C6003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | 4.3 |
2018-09-26 | CVE-2018-17315 | Cross-site Scripting vulnerability in Ricoh MP C2003Sp Firmware On the RICOH MP C2003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | 4.3 |