Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-09 | CVE-2018-0546 | Cross-site Scripting vulnerability in Soflyy WP ALL Import Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.6 for WordPress allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2018-03-09 | CVE-2018-7894 | Cross-site Scripting vulnerability in Eramba E1.0.6.033 Eramba e1.0.6.033 has Reflected XSS in reviews/filterIndex/ThirdPartyRiskReview via the advanced_filter parameter (aka the Search Parameter). | 6.1 |
| 2018-03-08 | CVE-2017-7634 | Cross-site Scripting vulnerability in Qnap Media Streaming Add-On Cross-site scripting (XSS) vulnerability in QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to inject arbitrary web script or HTML. | 6.1 |
| 2018-03-08 | CVE-2018-0223 | Cross-site Scripting vulnerability in Cisco Security Manager 4.9(0)Qa99 A vulnerability in DesktopServlet in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface. | 6.1 |
| 2018-03-08 | CVE-2018-0220 | Cross-site Scripting vulnerability in Cisco Videoscape Anyres Live 9.7.6 A vulnerability in the web-based management interface of Cisco Videoscape AnyRes Live could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 5.4 |
| 2018-03-08 | CVE-2018-0219 | Cross-site Scripting vulnerability in Cisco Unified Computing System Director 6.6(0.0) A vulnerability in the web-based management interface of Cisco Unified Computing System (UCS) Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2018-03-08 | CVE-2018-0212 | Cross-site Scripting vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2018-03-08 | CVE-2018-0208 | Cross-site Scripting vulnerability in Cisco Email Encryption 5.3.0 A vulnerability in the web-based management interface of the (cloud based) Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. | 5.4 |
| 2018-03-08 | CVE-2018-0144 | Cross-site Scripting vulnerability in Cisco Prime Data Center Network Manager 10.4(1.109) A vulnerability in the web-based management interface of Cisco Prime Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2018-03-07 | CVE-2018-7564 | Cross-site Scripting vulnerability in Polycom QDX 6000 Firmware Stored XSS exists on Polycom QDX 6000 devices. | 6.1 |