Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-25 | CVE-2018-11473 | Cross-site Scripting vulnerability in Monstra 3.0.4 Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login parameter to users/registration). | 6.1 |
| 2018-05-25 | CVE-2018-11472 | Cross-site Scripting vulnerability in Monstra 3.0.4 Monstra CMS 3.0.4 has Reflected XSS during Login (i.e., the login parameter to admin/index.php). | 6.1 |
| 2018-05-25 | CVE-2018-11471 | Cross-site Scripting vulnerability in Getcockpit Cockpit 0.5.5 Cockpit 0.5.5 has XSS via a collection, form, or region. | 5.4 |
| 2018-05-25 | CVE-2017-3961 | Cross-site Scripting vulnerability in Mcafee Network Security Manager Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via crafted user input of attributes. | 5.4 |
| 2018-05-25 | CVE-2018-11443 | Cross-site Scripting vulnerability in Easyservice Billing Project Easyservice Billing 1.0 The parameter q is affected by Cross-site Scripting in jobcard-ongoing.php in EasyService Billing 1.0. | 6.1 |
| 2018-05-25 | CVE-2018-1136 | Cross-site Scripting vulnerability in Moodle An issue was discovered in Moodle 3.x. | 4.3 |
| 2018-05-24 | CVE-2018-11415 | Cross-site Scripting vulnerability in SAP Internet Transaction Server 6.20 SAP Internet Transaction Server (ITS) 6200.X.X has Reflected Cross Site Scripting (XSS) via certain wgate URIs. | 6.1 |
| 2018-05-24 | CVE-2018-11332 | Cross-site Scripting vulnerability in Clippercms 1.3.3 Stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations in ClipperCMS 1.3.3 allows remote attackers to inject arbitrary web script or HTML via a crafted site name to the manager/processors/save_settings.processor.php file. | 4.8 |
| 2018-05-24 | CVE-2018-11404 | Cross-site Scripting vulnerability in Domainmod 4.09.03 DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter. | 6.1 |
| 2018-05-24 | CVE-2018-11403 | Cross-site Scripting vulnerability in Domainmod 4.09.03 DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid parameter. | 5.4 |