Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-23 | CVE-2018-10428 | Cross-site Scripting vulnerability in Ilias ILIAS before 5.1.26, 5.2.x before 5.2.15, and 5.3.x before 5.3.4, due to inconsistencies in parameter handling, is vulnerable to various instances of reflected cross-site-scripting. | 6.1 |
| 2018-05-23 | CVE-2018-6495 | Cross-site Scripting vulnerability in Microfocus CMS Server, Universal Cmdb and Universal Cmdb Browser Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. | 5.4 |
| 2018-05-23 | CVE-2018-10649 | Cross-site Scripting vulnerability in Citrix Xenmobile Server 10.7 There is a Cross-Site Scripting Vulnerability in Citrix XenMobile Server 10.7 before RP3. | 6.1 |
| 2018-05-22 | CVE-2018-10095 | Cross-site Scripting vulnerability in Dolibarr Cross-site scripting (XSS) vulnerability in Dolibarr before 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php. | 6.1 |
| 2018-05-22 | CVE-2018-6492 | Cross-site Scripting vulnerability in HP products Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. | 6.1 |
| 2018-05-22 | CVE-2018-11093 | Cross-site Scripting vulnerability in Ckeditor 5-Link Cross-site scripting (XSS) vulnerability in the Link package for CKEditor 5 before 10.0.1 allows remote attackers to inject arbitrary web script through a crafted href attribute of a link (A) element. | 6.1 |
| 2018-05-22 | CVE-2018-6378 | Cross-site Scripting vulnerability in Joomla Joomla! In Joomla! Core before 3.8.8, inadequate filtering of file and folder names leads to various XSS attack vectors in the media manager. | 6.1 |
| 2018-05-22 | CVE-2018-11328 | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 4.7 |
| 2018-05-22 | CVE-2018-11326 | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 4.8 |
| 2018-05-22 | CVE-2018-11366 | Cross-site Scripting vulnerability in Loginizer 1.3.8/1.3.9 init.php in the Loginizer plugin 1.3.8 through 1.3.9 for WordPress has Unauthenticated Stored Cross-Site Scripting (XSS) because logging is mishandled. | 6.1 |