Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-28 | CVE-2018-15884 | Cross-site Scripting vulnerability in Ricoh MP C4504Ex Firmware RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter. | 8.8 |
| 2018-08-28 | CVE-2018-15740 | Cross-site Scripting vulnerability in Zohocorp Manageengine Admanager Plus 6.5.7 Zoho ManageEngine ADManager Plus 6.5.7 has XSS on the "Workflow Delegation" "Requester Roles" screen. | 6.1 |
| 2018-08-28 | CVE-2018-15608 | Cross-site Scripting vulnerability in Manageengine Admanager Plus 6.5.7 Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the "AD Delegation" "Help Desk Technicians" screen. | 6.1 |
| 2018-08-28 | CVE-2018-15596 | Cross-site Scripting vulnerability in Mybb 1.8.17 An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17. | 6.1 |
| 2018-08-28 | CVE-2017-15427 | Cross-site Scripting vulnerability in multiple products Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar. | 6.1 |
| 2018-08-28 | CVE-2014-4932 | Cross-site Scripting vulnerability in Wordfence Security Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin before 5.1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the val parameter to whois.php. | 6.1 |
| 2018-08-28 | CVE-2018-13395 | Cross-site Scripting vulnerability in Atlassian Jira Various resources in Atlassian Jira before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3 and before version 7.11.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the epic colour field of an issue while an issue is being moved. | 6.1 |
| 2018-08-27 | CVE-2018-15699 | Cross-site Scripting vulnerability in Asustor Data Master ASUSTOR Data Master 3.1.5 and below makes an HTTP request for a configuration file that is vulnerable to XSS. | 6.1 |
| 2018-08-27 | CVE-2018-0715 | Cross-site Scripting vulnerability in Qnap Photo Station Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application. | 6.1 |
| 2018-08-27 | CVE-2018-15899 | Cross-site Scripting vulnerability in 1234N Minicms 1.10 An issue was discovered in MiniCMS 1.10. | 6.1 |