Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2017-5393 | Cross-site Scripting vulnerability in Mozilla Firefox The "mozAddonManager" allows for the installation of extensions from the CDN for addons.mozilla.org, a publicly accessible site. | 6.1 |
| 2018-06-11 | CVE-2016-9903 | Cross-site Scripting vulnerability in Mozilla Firefox Mozilla's add-ons SDK had a world-accessible resource with an HTML injection vulnerability. | 6.1 |
| 2018-06-11 | CVE-2018-12111 | Cross-site Scripting vulnerability in Canon EFI Printme Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI webinterface allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /wt3/mydocs.php URI. | 6.1 |
| 2018-06-11 | CVE-2018-12100 | Cross-site Scripting vulnerability in Sonatype Nexus Repository Manager Sonatype Nexus Repository Manager versions 3.x before 3.12.0 has XSS in multiple areas in the Administration UI. | 4.8 |
| 2018-06-11 | CVE-2018-12099 | Cross-site Scripting vulnerability in multiple products Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links. | 6.1 |
| 2018-06-11 | CVE-2018-12095 | Cross-site Scripting vulnerability in Oecms Project Oecms 3.1 A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. | 5.4 |
| 2018-06-11 | CVE-2018-12094 | Cross-site Scripting vulnerability in Dimofinf CMS 3.0.0 Cross-site scripting (XSS) vulnerability in news.php in Dimofinf CMS Version 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 5.4 |
| 2018-06-11 | CVE-2018-12090 | Cross-site Scripting vulnerability in Lamsfoundation Lams There is unauthenticated reflected cross-site scripting (XSS) in LAMS before 3.1 that allows a remote attacker to introduce arbitrary JavaScript via manipulation of an unsanitized GET parameter during a forgotPasswordChange.jsp?key= password change. | 6.1 |
| 2018-06-08 | CVE-2018-9182 | Cross-site Scripting vulnerability in Lynxtechnology Twonky Server Twonky Server before 8.5.1 has XSS via a modified "language" parameter in the Language section. | 6.1 |
| 2018-06-08 | CVE-2018-9177 | Cross-site Scripting vulnerability in Lynxtechnology Twonky Server Twonky Server before 8.5.1 has XSS via a folder name on the Shared Folders screen. | 6.1 |