Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2018-03-26 CVE-2018-1201 Cross-site Scripting vulnerability in Dell EMC Isilon
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Job Operations Page within the OneFS web administration interface.
network
low complexity
dell CWE-79
4.8
4.8
2018-03-26 CVE-2018-1189 Cross-site Scripting vulnerability in Dell EMC Isilon
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Antivirus Page within the OneFS web administration interface.
network
low complexity
dell CWE-79
4.8
4.8
2018-03-26 CVE-2018-1188 Cross-site Scripting vulnerability in Dell EMC Isilon
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, and versions 7.2.1.x is affected by a cross-site scripting vulnerability in the Authorization Providers page within the OneFS web administration interface.
network
low complexity
dell CWE-79
4.8
4.8
2018-03-26 CVE-2018-1187 Cross-site Scripting vulnerability in Dell EMC Isilon
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6 is affected by a cross-site scripting vulnerability in the Network Configuration page within the OneFS web administration interface.
network
low complexity
dell CWE-79
4.8
4.8
2018-03-26 CVE-2018-1186 Cross-site Scripting vulnerability in Dell EMC Isilon
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Cluster description of the OneFS web administration interface.
network
low complexity
dell CWE-79
4.8
4.8
2018-03-26 CVE-2015-7423 Cross-site Scripting vulnerability in IBM Infosphere Master Data Management
Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Master Data Management (MDM) - Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
ibm CWE-79
5.4
5.4
2018-03-26 CVE-2018-9020 Cross-site Scripting vulnerability in Pixelite Events Manager
The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature.
network
low complexity
pixelite CWE-79
5.4
5.4
2018-03-25 CVE-2018-8979 Cross-site Scripting vulnerability in Open-Audit 2.1
Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a user account or inserting XSS sequences via the credentials URI.
network
low complexity
open-audit CWE-79
8.8
8.8
2018-03-25 CVE-2018-8978 Cross-site Scripting vulnerability in Open-Audit 2.1
Open-AudIT Professional 2.1 has XSS via a crafted src attribute of an IMG element within a URI.
network
low complexity
open-audit CWE-79
5.4
5.4
2018-03-25 CVE-2018-9017 Cross-site Scripting vulnerability in Dsmall Project Dsmall 20180320
dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI.
network
low complexity
dsmall-project CWE-79
5.4
5.4