Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-12 | CVE-2017-15719 | Cross-site Scripting vulnerability in Wicket-Jquery-Ui Project Wicket-Jquery-Ui In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor. | 6.1 |
| 2018-03-12 | CVE-2018-8070 | Cross-site Scripting vulnerability in Qcms 3.0 QCMS version 3.0 has XSS via the title parameter to the /guest/index.html URI. | 5.4 |
| 2018-03-12 | CVE-2018-8069 | Cross-site Scripting vulnerability in Qcms 3.0 QCMS version 3.0 has XSS via the webname parameter to the /backend/system.html URI. | 5.4 |
| 2018-03-12 | CVE-2018-8058 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.6 CMS Made Simple (CMSMS) 2.2.6 has XSS in admin/moduleinterface.php via the pagedata parameter. | 4.8 |
| 2018-03-12 | CVE-2018-7893 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.6 CMS Made Simple (CMSMS) 2.2.6 has stored XSS in admin/moduleinterface.php via the metadata parameter. | 4.8 |
| 2018-03-09 | CVE-2018-7290 | Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware Cross Site Scripting (XSS) exists in Tiki before 12.13, 15.6, 17.2, and 18.1. | 5.4 |
| 2018-03-09 | CVE-2016-0253 | Cross-site Scripting vulnerability in IBM Financial Transaction Manager Cross-site scripting (XSS) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
| 2018-03-09 | CVE-2018-7997 | Cross-site Scripting vulnerability in Eramba E1.0.6.033 Eramba e1.0.6.033 has Reflected XSS on the Error page of the CSV file inclusion tab of the /importTool/preview URI, with a CSV file polluted with malicious JavaScript. | 6.1 |
| 2018-03-09 | CVE-2018-7996 | Cross-site Scripting vulnerability in Eramba E1.0.6.033 Eramba e1.0.6.033 has Stored XSS on the tooltip box via the /programScopes description parameter. | 6.1 |
| 2018-03-09 | CVE-2018-0547 | Cross-site Scripting vulnerability in Soflyy WP ALL Import Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.7 for WordPress allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |