Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-15 | CVE-2018-10369 | Cross-site Scripting vulnerability in Intelbras WIN 240 Firmware 1.1.0 A Cross-site scripting (XSS) vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. | 9.8 |
| 2018-08-14 | CVE-2018-14922 | Cross-site Scripting vulnerability in Monstra 3.0.4 Multiple cross-site scripting (XSS) vulnerabilities in Monstra CMS 3.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) first name or (2) last name field in the edit profile page. | 6.1 |
| 2018-08-14 | CVE-2018-14888 | Cross-site Scripting vulnerability in Thank You/Like Project Thank You/Like inc/plugins/thankyoulike.php in the Eldenroot Thank You/Like plugin before 3.1.0 for MyBB allows XSS via a post or thread subject. | 6.1 |
| 2018-08-14 | CVE-2018-2444 | Cross-site Scripting vulnerability in SAP Businessobjects Financial Consolidation 10.0/10.1 SAP BusinessObjects Financial Consolidation, versions 10.0, 10.1, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | 6.1 |
| 2018-08-13 | CVE-2018-3781 | Cross-site Scripting vulnerability in Nextcloud Talk A missing sanitization of search results for an autocomplete field in NextCloud Talk <3.2.5 could lead to a stored XSS requiring user-interaction. | 5.4 |
| 2018-08-13 | CVE-2018-3780 | Cross-site Scripting vulnerability in Nextcloud Server A missing sanitization of search results for an autocomplete field in NextCloud Server <13.0.5 could lead to a stored XSS requiring user-interaction. | 5.4 |
| 2018-08-13 | CVE-2018-14850 | Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image. | 5.4 |
| 2018-08-13 | CVE-2018-14849 | Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware Tiki before 18.2, 15.7 and 12.14 has XSS via link attributes, related to lib/core/WikiParser/OutputLink.php and lib/parser/parserlib.php. | 5.4 |
| 2018-08-13 | CVE-2018-12587 | Cross-site Scripting vulnerability in German Spelling Dictionary Project German Spelling Dictionary 1.3 A cross-site scripting (XSS) vulnerability was found in valeuraddons German Spelling Dictionary v1.3 (an Opera Browser add-on). | 6.1 |
| 2018-08-13 | CVE-2018-10569 | Cross-site Scripting vulnerability in Edimax Ew-7438Rpn V2 Firmware 1.22/1.23 An issue was discovered in Edimax EW-7438RPn Mini v2 before version 1.26. | 6.1 |