Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-16 | CVE-2018-11223 | Cross-site Scripting vulnerability in Pandorafms Artica Pandora FMS XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to execute arbitrary code via a crafted "refr" parameter in a "/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=" call. | 3.5 |
2018-06-16 | CVE-2017-17062 | Cross-site Scripting vulnerability in Open-Xchange Appsuite The backend component in Open-Xchange OX App Suite before 7.6.3-rev35, 7.8.x before 7.8.2-rev38, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev19 allows remote authenticated users to save arbitrary user attributes by leveraging improper privilege management. | 4.0 |
2018-06-15 | CVE-2018-12030 | Cross-site Scripting vulnerability in Chevereto Chevereto Free before 1.0.13 has XSS. | 3.5 |
2018-06-14 | CVE-2018-12432 | Cross-site Scripting vulnerability in Javamelody Project Javamelody JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI. | 4.3 |
2018-06-14 | CVE-2018-12431 | Cross-site Scripting vulnerability in Seacms 6.61 SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page). | 3.5 |
2018-06-14 | CVE-2018-11690 | Cross-site Scripting vulnerability in Balbooa Gridbox The Balbooa Gridbox extension version 2.4.0 and previous versions for Joomla! is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. | 4.3 |
2018-06-14 | CVE-2018-11689 | Cross-site Scripting vulnerability in multiple products Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. | 4.3 |
2018-06-14 | CVE-2018-4848 | Cross-site Scripting vulnerability in Siemens products A vulnerability has been identified in SCALANCE X-200 switch family (incl. | 6.1 |
2018-06-14 | CVE-2018-4842 | Cross-site Scripting vulnerability in Siemens products A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. | 4.8 |
2018-06-14 | CVE-2018-10821 | Cross-site Scripting vulnerability in Blackcat-Cms Blackcat CMS 1.3 Cross-site scripting (XSS) vulnerability in backend/pages/modify.php in BlackCatCMS 1.3 allows remote authenticated users with the Admin role to inject arbitrary web script or HTML via the search panel. | 3.5 |