Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-06	CVE-2018-11124	Cross-site Scripting vulnerability in Opmantek Open-Audit Cross-site scripting (XSS) vulnerability in Attributes functionality in Open-AudIT Community edition before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted attribute name of an Attribute. network low complexity opmantek CWE-79	5.4
2018-07-06	CVE-2017-1238	Cross-site Scripting vulnerability in IBM products IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2018-07-06	CVE-2017-1237	Cross-site Scripting vulnerability in IBM products IBM Jazz based applications are vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2018-07-05	CVE-2018-13339	Cross-site Scripting vulnerability in Angular Redactor Project Angular Redactor 1.1.6 Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035. network low complexity angular-redactor-project CWE-79	6.1
2018-07-05	CVE-2018-9997	Cross-site Scripting vulnerability in Open-Xchange Appsuite Cross-site scripting (XSS) vulnerability in mail compose in Open-Xchange OX App Suite before 7.6.3-rev31, 7.8.x before 7.8.2-rev31, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev28 allows remote attackers to inject arbitrary web script or HTML via the data-target attribute in an HTML page with data-toggle gadgets. network low complexity open-xchange CWE-79	6.1
2018-07-05	CVE-2018-8738	Cross-site Scripting vulnerability in Airties 5444 Firmware and 5444Tt Firmware Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS. network low complexity airties CWE-79	6.1
2018-07-05	CVE-2018-8046	Cross-site Scripting vulnerability in Sencha EXT JS The getTip() method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. network low complexity sencha CWE-79	6.1
2018-07-05	CVE-2017-11175	Cross-site Scripting vulnerability in Siemens FIN Stack 4.0 In J2 Innovations FIN Stack 4.0, the authentication webform is vulnerable to reflected XSS via the query string to /login. network low complexity siemens CWE-79	6.1
2018-07-05	CVE-2018-13252	Cross-site Scripting vulnerability in Entrustdatacard Syntera Customization Suite 5.0/5.1 Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page. network low complexity entrustdatacard CWE-79	6.1
2018-07-05	CVE-2018-3769	Cross-site Scripting vulnerability in Ruby-Grape Grape ruby-grape ruby gem suffers from a cross-site scripting (XSS) vulnerability via "format" parameter. network low complexity ruby-grape CWE-79	6.1