Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-21 | CVE-2018-17320 | Cross-site Scripting vulnerability in Ucms Project Ucms 1.4.6 An issue was discovered in UCMS 1.4.6. | 4.3 |
| 2018-09-21 | CVE-2018-17003 | Cross-site Scripting vulnerability in Limesurvey 3.14.7 In LimeSurvey 3.14.7, HTML Injection and Stored XSS have been discovered in the appendix via the surveyls_title parameter to /index.php?r=admin/survey/sa/insert. | 4.3 |
| 2018-09-21 | CVE-2018-17002 | Cross-site Scripting vulnerability in Ricoh MP 2001Sp Firmware On the RICOH MP 2001 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | 4.3 |
| 2018-09-21 | CVE-2018-17001 | Cross-site Scripting vulnerability in Ricoh SP 4510Sf Firmware On the RICOH SP 4510SF printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | 4.3 |
| 2018-09-21 | CVE-2018-16965 | Cross-site Scripting vulnerability in Zohocorp Manageengine Supportcenter Plus 7.9/7.90 In Zoho ManageEngine SupportCenter Plus before 8.1 Build 8109, there is HTML Injection and Stored XSS via the /ServiceContractDef.do contractName parameter. | 4.3 |
| 2018-09-21 | CVE-2018-16833 | Cross-site Scripting vulnerability in Zohocorp Manageengine Desktop Central 10.0.271 Zoho ManageEngine Desktop Central 10.0.271 has XSS via the "Features & Articles" search field to the /advsearch.do?SUBREQUEST=XMLHTTP URI. | 4.3 |
| 2018-09-21 | CVE-2018-15613 | Cross-site Scripting vulnerability in Avaya Aura Orchestration Designer A cross-site scripting (XSS) vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could result in malicious content being returned to the user. | 4.3 |
| 2018-09-21 | CVE-2018-9282 | Cross-site Scripting vulnerability in Subsonic 6.1.1 An XSS issue was discovered in Subsonic Media Server 6.1.1. | 4.3 |
| 2018-09-21 | CVE-2018-14691 | Cross-site Scripting vulnerability in Subsonic 6.1.1 An issue was discovered in Subsonic 6.1.1. | 4.3 |
| 2018-09-21 | CVE-2018-14690 | Cross-site Scripting vulnerability in Subsonic 6.1.1 An issue was discovered in Subsonic 6.1.1. | 4.3 |