Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-26 | CVE-2018-17314 | Cross-site Scripting vulnerability in Ricoh MP 305+ Firmware On the RICOH Aficio MP 305+ printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | 4.3 |
| 2018-09-26 | CVE-2018-17313 | Cross-site Scripting vulnerability in Ricoh MP C307 Firmware On the RICOH MP C307 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | 4.3 |
| 2018-09-26 | CVE-2018-17312 | Cross-site Scripting vulnerability in Ricoh Aficio MP 301Spf Firmware On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | 4.3 |
| 2018-09-26 | CVE-2018-17311 | Cross-site Scripting vulnerability in Ricoh MP C6503 Firmware On the RICOH MP C6503 Plus printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | 4.3 |
| 2018-09-26 | CVE-2018-17310 | Cross-site Scripting vulnerability in Ricoh MP C1803 JPN Firmware On the RICOH MP C1803 JPN printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | 4.3 |
| 2018-09-26 | CVE-2018-17309 | Cross-site Scripting vulnerability in Ricoh MP C406Zspf Firmware On the RICOH MP C406Z printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | 4.3 |
| 2018-09-26 | CVE-2018-17556 | Cross-site Scripting vulnerability in Modx Revolution 2.6.5 MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action. | 3.5 |
| 2018-09-26 | CVE-2018-8846 | Cross-site Scripting vulnerability in Philips E-Alert Firmware Philips e-Alert Unit (non-medical device), Version R2.1 and prior. | 4.3 |
| 2018-09-26 | CVE-2018-15606 | Cross-site Scripting vulnerability in Salesagility Suitecrm An XSS issue was discovered in SalesAgility SuiteCRM 7.x before 7.8.21 and 7.10.x before 7.10.8, related to phishing an error message. | 4.3 |
| 2018-09-26 | CVE-2018-7355 | Cross-site Scripting vulnerability in ZTE Mf65 Firmware and Mf65M1 Firmware All versions up to V1.0.0B05 of ZTE MF65 and all versions up to V1.0.0B02 of ZTE MF65M1 are impacted by cross-site scripting vulnerability. | 4.3 |