Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-17 | CVE-2018-12104 | Cross-site Scripting vulnerability in Airbnb Knowledge Repo 0.7.4 Cross-site scripting (XSS) vulnerability in Airbnb Knowledge Repo 0.7.4 allows remote attackers to inject arbitrary web scripts or HTML via the post comments functionality, as demonstrated by the post/posts/new_report.kp URI. | 6.1 |
| 2018-06-17 | CVE-2018-12073 | Cross-site Scripting vulnerability in Eminent-Online Em4544 9.10 An issue was discovered on Eminent EM4544 9.10 devices. | 5.3 |
| 2018-06-17 | CVE-2018-11647 | Cross-site Scripting vulnerability in Oauth2Orize-Fprm Project Oauth2Orize-Fprm index.js in oauth2orize-fprm before 0.2.1 has XSS via a crafted URL. | 6.1 |
| 2018-06-16 | CVE-2018-12501 | Cross-site Scripting vulnerability in Nagios Fusion Nagios Fusion before 4.1.4 has XSS, aka TPS#13332-13335. | 6.1 |
| 2018-06-16 | CVE-2018-5754 | Cross-site Scripting vulnerability in Open-Xchange Appsuite Cross-site scripting (XSS) vulnerability in the office-web component in Open-Xchange OX App Suite before 7.8.3-rev12 and 7.8.4 before 7.8.4-rev9 allows remote attackers to inject arbitrary web script or HTML via a crafted presentation file, related to copying content to the clipboard. | 5.4 |
| 2018-06-16 | CVE-2018-11223 | Cross-site Scripting vulnerability in Pandorafms Artica Pandora FMS 7.0Ng XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to execute arbitrary code via a crafted "refr" parameter in a "/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=" call. | 5.4 |
| 2018-06-16 | CVE-2017-17062 | Cross-site Scripting vulnerability in Open-Xchange Appsuite The backend component in Open-Xchange OX App Suite before 7.6.3-rev35, 7.8.x before 7.8.2-rev38, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev19 allows remote authenticated users to save arbitrary user attributes by leveraging improper privilege management. | 6.5 |
| 2018-06-15 | CVE-2018-12030 | Cross-site Scripting vulnerability in Chevereto Chevereto Free before 1.0.13 has XSS. | 5.4 |
| 2018-06-14 | CVE-2018-12432 | Cross-site Scripting vulnerability in Javamelody Project Javamelody JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI. | 6.1 |
| 2018-06-14 | CVE-2018-12431 | Cross-site Scripting vulnerability in Seacms 6.61 SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page). | 4.8 |