Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-25	CVE-2018-9016	Cross-site Scripting vulnerability in Dsmall Project Dsmall 20180320 dsmall v20180320 allows XSS via the main page search box at the public/index.php/home URI. network low complexity dsmall-project CWE-79	6.1
2018-03-25	CVE-2018-9015	Cross-site Scripting vulnerability in Dsmall Project Dsmall 20180320 dsmall v20180320 allows XSS via the public/index.php/home/predeposit/index.html pdr_sn parameter (aka the CMS search box). network low complexity dsmall-project CWE-79	5.4
2018-03-24	CVE-2018-8973	Cross-site Scripting vulnerability in Otcms 3.20 OTCMS 3.20 allows XSS by adding a keyword or link to an article, as demonstrated by an admin/keyWord_deal.php?mudi=add request. network low complexity otcms CWE-79	6.1
2018-03-24	CVE-2015-9257	Cross-site Scripting vulnerability in BMC Remedy Action Request System BMC Remedy Action Request (AR) System 9.0 before 9.0.00 Service Pack 2 hot fix 1 has persistent XSS. network low complexity bmc CWE-79	6.1
2018-03-24	CVE-2017-17750	Cross-site Scripting vulnerability in Bose Soundtouch Bose SoundTouch devices allow XSS via a crafted public playlist from Spotify. network low complexity bose CWE-79	5.4
2018-03-24	CVE-2017-17749	Cross-site Scripting vulnerability in Bose Soundtouch Bose SoundTouch devices allow XSS via crafted song data from a music service, as demonstrated by Pandora. network low complexity bose CWE-79	5.4
2018-03-23	CVE-2018-8957	Cross-site Scripting vulnerability in Covercms Project Covercms 1.1.6 CoverCMS v1.1.6 has XSS via the fourth input box to index.php, related to admina/mconfigs.inc.php. network low complexity covercms-project CWE-79	5.4
2018-03-23	CVE-2018-1000139	Cross-site Scripting vulnerability in I-Librarian I Librarian I, Librarian version 4.8 and earlier contains a Cross Site Scripting (XSS) vulnerability in "id" parameter in stable.php that can result in an attacker using the XSS to send a malicious script to an unsuspecting user. network low complexity i-librarian CWE-79	6.1
2018-03-23	CVE-2018-1429	Cross-site Scripting vulnerability in IBM MQ Appliance IBM MQ Appliance 9.0.1, 9.0.2, 9.0.3, amd 9.0.4 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2018-03-23	CVE-2017-1762	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4