Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-03 | CVE-2018-14873 | Cross-site Scripting vulnerability in Rincewind Project Rincewind 0.1 An issue was discovered in Rincewind 0.1. | 5.4 |
| 2018-08-02 | CVE-2017-6215 | Cross-site Scripting vulnerability in Paypal PHP Permissions SDK paypal/permissions-sdk-php is vulnerable to reflected XSS in the samples/GetAccessToken.php verification_code parameter, resulting in code execution. | 5.4 |
| 2018-08-02 | CVE-2017-6213 | Cross-site Scripting vulnerability in Paypal PHP Invoice SDK paypal/invoice-sdk-php is vulnerable to reflected XSS in samples/permissions.php via the permToken parameter, resulting in code execution. | 5.4 |
| 2018-08-02 | CVE-2018-1155 | Cross-site Scripting vulnerability in Tenable Securitycenter In SecurityCenter versions prior to 5.7.0, a cross-site scripting (XSS) issue could allow an authenticated attacker to inject JavaScript code into an image filename parameter within the Reports feature area. | 5.4 |
| 2018-08-02 | CVE-2018-7649 | Cross-site Scripting vulnerability in Fibranet Monitorix Monitorix before 3.10.1 allows XSS via CGI variables. | 6.1 |
| 2018-08-02 | CVE-2018-1554 | Cross-site Scripting vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. | 5.4 |
| 2018-08-02 | CVE-2018-8032 | Cross-site Scripting vulnerability in multiple products Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services. | 6.1 |
| 2018-08-02 | CVE-2018-14840 | Cross-site Scripting vulnerability in Intelliants Subrion 4.2.1 uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it does not block .html file uploads (but does block, for example, .htm file uploads). | 6.1 |
| 2018-08-02 | CVE-2018-14838 | Cross-site Scripting vulnerability in Rejucms Project Rejucms 2.1 rejucms 2.1 has stored XSS via the admin/book.php content parameter. | 6.1 |
| 2018-08-02 | CVE-2018-14835 | Cross-site Scripting vulnerability in Subrion CMS 4.2.1 Subrion CMS v4.2.1 is vulnerable to Stored XSS because of no escaping added to the tooltip information being displayed in multiple areas. | 5.4 |