Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-27	CVE-2018-12919	Cross-site Scripting vulnerability in Craftedweb Project Craftedweb 20130924 In CraftedWeb through 2013-09-24, aasp_includes/pages/notice.php allows XSS via the e parameter. network low complexity craftedweb-project CWE-79	6.1
2018-06-27	CVE-2018-12905	Cross-site Scripting vulnerability in Joyplus-Cms Project Joyplus-Cms 1.6.0 joyplus-cms 1.6.0 has XSS in admin_player.php, related to manager/index.php "system manage" and "add" actions. network low complexity joyplus-cms-project CWE-79	6.1
2018-06-26	CVE-2018-12903	Cross-site Scripting vulnerability in Cyberark Endpoint Privilege Manager 10.2.1.603 In CyberArk Endpoint Privilege Manager (formerly Viewfinity) 10.2.1.603, there is persistent XSS via an account name on the create token screen, the VfManager.asmx SelectAccounts->DisplayName screen, a user's groups in ConfigurationPage, the Dialog Title field, and App Group Name in the Application Group Wizard. network low complexity cyberark CWE-79	5.4
2018-06-26	CVE-2018-12902	Cross-site Scripting vulnerability in Easymagazine Project Easymagazine 20121026 In Easy Magazine through 2012-10-26, there is XSS in the search bar of the web site. network low complexity easymagazine-project CWE-79	6.1
2018-06-26	CVE-2018-12711	Cross-site Scripting vulnerability in Joomla Joomla! An XSS issue was discovered in the language switcher module in Joomla! 1.6.0 through 3.8.8 before 3.8.9. network low complexity joomla CWE-79	6.1
2018-06-26	CVE-2018-11448	Cross-site Scripting vulnerability in Siemens Scalance M875 Firmware A vulnerability has been identified in SCALANCE M875 (All versions). network low complexity siemens CWE-79	4.8
2018-06-26	CVE-2018-1000604	Cross-site Scripting vulnerability in Jenkins Badge A persisted cross-site scripting vulnerability exists in Jenkins Badge Plugin 1.4 and earlier in BadgeSummaryAction.java, HtmlBadgeAction.java that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI actions. network low complexity jenkins CWE-79	5.4
2018-06-26	CVE-2018-1000559	Cross-site Scripting vulnerability in Qutebrowser qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history. network low complexity qutebrowser CWE-79	6.1
2018-06-26	CVE-2018-1000557	Cross-site Scripting vulnerability in Ocsinventory-Ng Ocsinventory NG 2.4 OCS Inventory OCS Inventory NG version ocsreports 2.4 contains a Cross Site Scripting (XSS) vulnerability in login form and search functionality that can result in An attacker is able to execute arbitrary (javascript) code within a victims' browser. network low complexity ocsinventory-ng CWE-79	6.1
2018-06-26	CVE-2018-1000556	Cross-site Scripting vulnerability in Veronalabs WP Statistics WordPress version 4.8 + contains a Cross Site Scripting (XSS) vulnerability in plugins.php or core wordpress on delete function that can result in An attacker can perform client side attacks which could be from stealing a cookie to code injection. network low complexity veronalabs CWE-79	6.1