Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-16	CVE-2018-11223	Cross-site Scripting vulnerability in Pandorafms Artica Pandora FMS XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to execute arbitrary code via a crafted "refr" parameter in a "/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=" call. network pandorafms CWE-79	3.5
2018-06-16	CVE-2017-17062	Cross-site Scripting vulnerability in Open-Xchange Appsuite The backend component in Open-Xchange OX App Suite before 7.6.3-rev35, 7.8.x before 7.8.2-rev38, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev19 allows remote authenticated users to save arbitrary user attributes by leveraging improper privilege management. network low complexity open-xchange CWE-79	4.0
2018-06-15	CVE-2018-12030	Cross-site Scripting vulnerability in Chevereto Chevereto Free before 1.0.13 has XSS. network chevereto CWE-79	3.5
2018-06-14	CVE-2018-12432	Cross-site Scripting vulnerability in Javamelody Project Javamelody JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI. network javamelody-project CWE-79	4.3
2018-06-14	CVE-2018-12431	Cross-site Scripting vulnerability in Seacms 6.61 SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page). network seacms CWE-79	3.5
2018-06-14	CVE-2018-11690	Cross-site Scripting vulnerability in Balbooa Gridbox The Balbooa Gridbox extension version 2.4.0 and previous versions for Joomla! is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. network balbooa CWE-79	4.3
2018-06-14	CVE-2018-11689	Cross-site Scripting vulnerability in multiple products Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. network samsung hanwha-security CWE-79	4.3
2018-06-14	CVE-2018-4848	Cross-site Scripting vulnerability in Siemens products A vulnerability has been identified in SCALANCE X-200 switch family (incl. network low complexity siemens CWE-79	6.1
2018-06-14	CVE-2018-4842	Cross-site Scripting vulnerability in Siemens products A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. network low complexity siemens CWE-79	4.8
2018-06-14	CVE-2018-10821	Cross-site Scripting vulnerability in Blackcat-Cms Blackcat CMS 1.3 Cross-site scripting (XSS) vulnerability in backend/pages/modify.php in BlackCatCMS 1.3 allows remote authenticated users with the Admin role to inject arbitrary web script or HTML via the search panel. network blackcat-cms CWE-79	3.5