Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-22 | CVE-2018-0535 | Cross-site Scripting vulnerability in PHP 2Chbbs Project PHP 2Chbbs Bbs18C Cross-site scripting vulnerability in PHP 2chBBS version bbs18c allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2018-03-22 | CVE-2018-0534 | Cross-site Scripting vulnerability in Arsenol Project Arsenol 0.5 Cross-site scripting vulnerability in ArsenoL Version 0.5 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2018-03-22 | CVE-2017-18094 | Cross-site Scripting vulnerability in Atlassian Crucible and Fisheye Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and 4.5.0 allow remote attackers with administrative privileges to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the base path setting of a configured file system repository. | 4.8 |
| 2018-03-22 | CVE-2018-8899 | Cross-site Scripting vulnerability in Identityserver Identityserver4 IdentityServer IdentityServer4 1.x before 1.5.3 and 2.x before 2.1.3 does not encode the redirect URI on the authorization response page, which might lead to XSS in some configurations. | 6.1 |
| 2018-03-22 | CVE-2018-8906 | Cross-site Scripting vulnerability in Dsmall Project Dsmall 20180320 dsmall v20180320 has XSS via a crafted street address to public/index.php/home/memberaddress/index.html, which is mishandled at public/index.php/home/memberaddress/edit/address_id/2.html. | 6.1 |
| 2018-03-21 | CVE-2018-1229 | Cross-site Scripting vulnerability in Pivotal Software Spring Batch Admin Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. | 6.1 |
| 2018-03-21 | CVE-2017-0924 | Cross-site Scripting vulnerability in Gitlab Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the labels component resulting in persistent cross site scripting. | 6.1 |
| 2018-03-21 | CVE-2017-0923 | Cross-site Scripting vulnerability in Gitlab Gitlab Community Edition version 9.1 is vulnerable to lack of input validation in the IPython notebooks component resulting in persistent cross site scripting. | 6.1 |
| 2018-03-21 | CVE-2018-1347 | Cross-site Scripting vulnerability in Netiq Imanager 2.7.7 The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting. | 6.1 |
| 2018-03-20 | CVE-2018-8832 | Cross-site Scripting vulnerability in Enhavo 0.4.0 enhavo 0.4.0 has XSS via a user-group that contains executable JavaScript code in the user-group name. | 4.8 |