Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-20 | CVE-2018-1000638 | Cross-site Scripting vulnerability in 1234N Minicms 1.1 MiniCMS version 1.1 contains a Cross Site Scripting (XSS) vulnerability in http://example.org/mc-admin/page.php?date={payload} that can result in code injection. | 6.1 |
| 2018-08-20 | CVE-2018-15574 | Cross-site Scripting vulnerability in Reprisesoftware Reprise License Manager An issue was discovered in the license editor in Reprise License Manager (RLM) through 12.2BL2. | 6.1 |
| 2018-08-20 | CVE-2018-15570 | Cross-site Scripting vulnerability in Bijiadao Waimai Super CMS 20150505 In waimai Super Cms 20150505, there is stored XSS via the /admin.php/Foodcat/editsave fcname parameter. | 4.8 |
| 2018-08-20 | CVE-2018-15567 | Cross-site Scripting vulnerability in Cmsuno Project Cmsuno CMSUno before 1.5.3 has XSS via the title field. | 6.1 |
| 2018-08-20 | CVE-2018-15566 | Cross-site Scripting vulnerability in Tp5Cms Project Tp5Cms 20170315/20170525 tp5cms through 2017-05-25 has XSS via the admin.php/article/index.html q parameter. | 6.1 |
| 2018-08-20 | CVE-2018-15559 | Cross-site Scripting vulnerability in Xiuno Xiunobbs 4.0.4 The editor in Xiuno BBS 4.0.4 allows stored XSS. | 6.1 |
| 2018-08-16 | CVE-2018-10139 | Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks PAN-OS 6.1.21 and earlier, PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. | 6.1 |
| 2018-08-16 | CVE-2018-1715 | Cross-site Scripting vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to cross-site scripting. | 5.4 |
| 2018-08-15 | CVE-2018-0386 | Cross-site Scripting vulnerability in Cisco products A vulnerability in Cisco Unified Communications Domain Manager Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on an affected system. | 6.1 |
| 2018-08-15 | CVE-2018-0367 | Cross-site Scripting vulnerability in Cisco Registered Envelope Service A vulnerability in the web-based management interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. | 5.4 |