Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-05 | CVE-2018-14953 | Cross-site Scripting vulnerability in Squirrelmail The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<math xlink:href=" attack. | 6.1 |
| 2018-08-05 | CVE-2018-14952 | Cross-site Scripting vulnerability in Squirrelmail The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<math><maction xlink:href=" attack. | 6.1 |
| 2018-08-05 | CVE-2018-14951 | Cross-site Scripting vulnerability in Squirrelmail The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<form action='data:text" attack. | 6.1 |
| 2018-08-05 | CVE-2018-14950 | Cross-site Scripting vulnerability in Squirrelmail The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<svg><a xlink:href=" attack. | 6.1 |
| 2018-08-05 | CVE-2018-14937 | Cross-site Scripting vulnerability in Mylittleforum MY Little Forum 2.4.12 The Add page option in my little forum 2.4.12 allows XSS via the Menu Link field. | 4.8 |
| 2018-08-05 | CVE-2018-14936 | Cross-site Scripting vulnerability in Mylittleforum MY Little Forum 2.4.12 The Add page option in my little forum 2.4.12 allows XSS via the Title field. | 4.8 |
| 2018-08-04 | CVE-2018-14541 | Cross-site Scripting vulnerability in Readymadeb2Bscript Basic B2B 2.0.0 PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields. | 5.4 |
| 2018-08-04 | CVE-2018-14497 | Cross-site Scripting vulnerability in Tendacn D152 Firmware Tenda D152 ADSL routers allow XSS via a crafted SSID. | 5.4 |
| 2018-08-03 | CVE-2018-14929 | Cross-site Scripting vulnerability in Matera Banco 1.0.0 Matera Banco 1.0.0 is vulnerable to multiple reflected XSS, as demonstrated by the /contingency/web/index.jsp (aka home page) url parameter. | 6.1 |
| 2018-08-03 | CVE-2018-14924 | Cross-site Scripting vulnerability in Matera Banco 1.0.0 Matera Banco 1.0.0 is vulnerable to multiple stored XSS, as demonstrated by the sca/privilegio/consultarUsuario.jsf "Nome Completo" (aka user fullname) field. | 6.1 |