Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-02 | CVE-2018-10075 | Cross-site Scripting vulnerability in Zohocorp Manageengine Eventlog Analyzer 11.12 Cross-site scripting (XSS) vulnerability in Zoho ManageEngine EventLog Analyzer 11.12 allows remote attackers to inject arbitrary web script or HTML via the import logs feature. | 4.3 |
| 2018-07-02 | CVE-2018-0499 | Cross-site Scripting vulnerability in multiple products A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet(). | 4.3 |
| 2018-07-01 | CVE-2018-13039 | Cross-site Scripting vulnerability in Opendesa Opensid 18.06Pasca OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the cari parameter, aka an index.php/first?cari= URI. | 4.3 |
| 2018-06-30 | CVE-2018-7475 | Cross-site Scripting vulnerability in Icewarp Mail Server 12.0.3 Cross-site scripting (XSS) vulnerability for webdav/ticket/ URIs in IceWarp Mail Server 12.0.3 allows remote attackers to inject arbitrary web script or HTML. | 4.3 |
| 2018-06-29 | CVE-2018-13003 | Cross-site Scripting vulnerability in Opentsdb 2.3.0 An issue was discovered in OpenTSDB 2.3.0. | 4.3 |
| 2018-06-29 | CVE-2018-13002 | Cross-site Scripting vulnerability in Weblication CMS Core & Grid 12.6.24 An XSS issue was discovered in Inhaltsprojekte in Weblication CMS Core & Grid v12.6.24. | 3.5 |
| 2018-06-29 | CVE-2018-13001 | Cross-site Scripting vulnerability in Sandoba Cp::Shop 2016.1 An XSS issue was discovered in Sandoba CP:Shop v2016.1. | 4.3 |
| 2018-06-29 | CVE-2018-13000 | Cross-site Scripting vulnerability in Anelectron Advanced Electron Forum 1.0.9 An XSS issue was discovered in Advanced Electron Forum (AEF) v1.0.9. | 3.5 |
| 2018-06-29 | CVE-2018-12998 | Cross-site Scripting vulnerability in Zohocorp products A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter 'operation' to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet. | 6.1 |
| 2018-06-29 | CVE-2018-12996 | Cross-site Scripting vulnerability in Zohocorp Manageengine Applications Manager A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager before 13 (Build 13800) allows remote attackers to inject arbitrary web script or HTML via the parameter 'method' to GraphicalView.do. | 4.3 |