Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-23 | CVE-2018-1999005 | Cross-site Scripting vulnerability in multiple products A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in BuildTimelineWidget.java, BuildTimelineWidget/control.jelly that allows attackers with Job/Configure permission to define JavaScript that would be executed in another user's browser when that other user performs some UI actions. | 5.4 |
| 2018-07-23 | CVE-2018-1999024 | Cross-site Scripting vulnerability in Mathjax MathJax version prior to version 2.7.4 contains a Cross Site Scripting (XSS) vulnerability in the \unicode{} macro that can result in Potentially untrusted Javascript running within a web browser. | 5.4 |
| 2018-07-23 | CVE-2018-1999021 | Cross-site Scripting vulnerability in Gleeztech Gleezcms 1.3.0 Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) vulnerability in Profile page that can result in Inject arbitrary web script or HTML via the profile page editor. | 5.4 |
| 2018-07-23 | CVE-2018-1999016 | Cross-site Scripting vulnerability in Pydio Pydio version 8.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in ./core/vendor/meenie/javascript-packer/example-inline.php line 48; ./core/vendor/dapphp/securimage/examples/test.mysql.static.php lines: 114,118 that can result in an unauthenticated remote attacker manipulating the web client via XSS code injection. | 6.1 |
| 2018-07-23 | CVE-2018-1999008 | Cross-site Scripting vulnerability in Octobercms October October CMS version prior to build 437 contains a Cross Site Scripting (XSS) vulnerability in the Media module and create folder functionality that can result in an Authenticated user with media module permission creating arbitrary folder name with XSS content. | 5.4 |
| 2018-07-23 | CVE-2018-1513 | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0 through 5.2.6 is vulnerable to cross-site scripting. | 5.4 |
| 2018-07-23 | CVE-2018-14527 | Cross-site Scripting vulnerability in Xiao5Ucompany Project Xiao5Ucompany 1.7 Feedback.asp in Xiao5uCompany 1.7 has XSS because the XSS protection mechanism in Safe.asp is insufficient (for example, it considers SCRIPT and IMG elements, but does not consider VIDEO elements). | 6.1 |
| 2018-07-23 | CVE-2018-14517 | Cross-site Scripting vulnerability in Seacms 6.61 SeaCMS 6.61 has two XSS issues in the admin_config.php file via certain form fields. | 6.1 |
| 2018-07-23 | CVE-2018-14513 | Cross-site Scripting vulnerability in Wuzhi CMS Project Wuzhi CMS 4.1.0 An XSS vulnerability was discovered in WUZHI CMS 4.1.0. | 6.1 |
| 2018-07-23 | CVE-2018-14512 | Cross-site Scripting vulnerability in Wuzhicms Wuzhi CMS 4.1.0 An XSS vulnerability was discovered in WUZHI CMS 4.1.0. | 6.1 |