Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-14	CVE-2018-0909	Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". network low complexity microsoft CWE-79	8.8
2018-03-14	CVE-2018-7678	Cross-site Scripting vulnerability in Netiq Access Manager 4.3/4.4 A cross site scripting vulnerability exist in the Administration Console in NetIQ Access Manager (NAM) 4.3 and 4.4. network low complexity netiq CWE-79	4.8
2018-03-14	CVE-2018-1000129	Cross-site Scripting vulnerability in Jolokia 1.3.7 An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the HTTP servlet that allows an attacker to execute malicious javascript in the victim's browser. network low complexity jolokia CWE-79	6.1
2018-03-14	CVE-2018-8108	Cross-site Scripting vulnerability in BUI Project BUI The select component in bui through 2018-03-13 has XSS because it performs an escape operation on already-escaped text, as demonstrated by workGroupList text. network low complexity bui-project CWE-79	6.1
2018-03-14	CVE-2018-1444	Cross-site Scripting vulnerability in IBM Websphere Portal 8.5.0.0/9.0.0.0 IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2018-03-14	CVE-2018-1441	Cross-site Scripting vulnerability in IBM Monitoring 8.1.3/8.1.4 IBM Application Performance Management - Response Time Monitoring Agent (IBM Monitoring 8.1.3 and 8.1.4) is vulnerable to cross-site scripting. network low complexity ibm CWE-79	6.1
2018-03-13	CVE-2018-7405	Cross-site Scripting vulnerability in Zohocorp Manageengine Eventlog Analyzer Cross-site scripting (XSS) in Zoho ManageEngine EventLog Analyzer before 11.12 Build 11120 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network low complexity zohocorp CWE-79	6.1
2018-03-13	CVE-2017-17442	Cross-site Scripting vulnerability in Blackberry Unified Endpoint Manager In BlackBerry UEM Management Console version 12.7.1 and earlier, a reflected cross-site scripting vulnerability that could allow an attacker to execute script commands in the context of the affected UEM Management Console account by crafting a malicious link and then persuading a user with legitimate access to the Management Console to click on the malicious link. network low complexity blackberry CWE-79	6.1
2018-03-13	CVE-2018-1000088	Cross-site Scripting vulnerability in Doorkeeper Project Doorkeeper Doorkeeper version 2.1.0 through 4.2.5 contains a Cross Site Scripting (XSS) vulnerability in web view's OAuth app form, user authorization prompt web view that can result in Stored XSS on the OAuth Client's name will cause users interacting with it will execute payload. network low complexity doorkeeper-project CWE-79	6.1
2018-03-13	CVE-2018-1000087	Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 WolfCMS version version 0.8.3.1 contains a Reflected Cross Site Scripting vulnerability in "Create New File" and "Create New Directory" input box from 'files' Tab that can result in Session Hijacking, Spread Worms,Control the browser remotely. network low complexity wolfcms CWE-79	4.8