Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-03 | CVE-2018-14906 | Cross-site Scripting vulnerability in 3CX web Server 15.5.8801.3 The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on all stack traces' propertyPath parameters. | 6.1 |
| 2018-08-03 | CVE-2018-14905 | Cross-site Scripting vulnerability in 3CX web Server 15.5.8801.3 The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on the api/CallLog TimeZoneName parameter. | 6.1 |
| 2018-08-03 | CVE-2018-14904 | Cross-site Scripting vulnerability in Samsung Syncthru web Service 4.05.61 Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters, as demonstrated by ruiFw_pid. | 6.1 |
| 2018-08-03 | CVE-2018-14504 | Cross-site Scripting vulnerability in Mantisbt An issue was discovered in manage_filter_edit_page.php in MantisBT 2.x through 2.15.0. | 6.1 |
| 2018-08-03 | CVE-2018-13055 | Cross-site Scripting vulnerability in Mantisbt A cross-site scripting (XSS) vulnerability in the View Filters page (view_filters_page.php) in MantisBT 2.1.0 through 2.15.0 allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted PATH_INFO. | 6.1 |
| 2018-08-03 | CVE-2018-12607 | Cross-site Scripting vulnerability in Gitlab An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1. | 5.4 |
| 2018-08-03 | CVE-2018-12606 | Cross-site Scripting vulnerability in Gitlab An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1. | 5.4 |
| 2018-08-03 | CVE-2018-12605 | Cross-site Scripting vulnerability in Gitlab An issue was discovered in GitLab Community Edition and Enterprise Edition 10.7.x before 10.7.6. | 5.4 |
| 2018-08-03 | CVE-2018-6590 | Cross-site Scripting vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability. | 6.1 |
| 2018-08-03 | CVE-2018-14877 | Cross-site Scripting vulnerability in Weaselcms Project Weaselcms 0.3.5 An issue was discovered in WeaselCMS v0.3.5. | 5.4 |