Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-01	CVE-2017-14800	Cross-site Scripting vulnerability in Netiq Access Manager A reflected cross site scripting attack in the NetIQ Access Manager before 4.3.3 using the "typecontainerid" parameter of the policy editor could allowed code injection into pages of authenticated users. network low complexity netiq CWE-79	6.1
2018-03-01	CVE-2017-14799	Cross-site Scripting vulnerability in Netiq Access Manager A cross site scripting attack in handling the ESP login parameter handling in NetIQ Access Manager before 4.3.3 could be used to inject javascript code into the login page. network low complexity netiq CWE-79	6.1
2018-03-01	CVE-2018-2365	Cross-site Scripting vulnerability in SAP Netweaver Portal SAP NetWeaver Portal, WebDynpro Java, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. network low complexity sap CWE-79	6.1
2018-02-28	CVE-2018-7469	Cross-site Scripting vulnerability in Entrepreneur JOB Portal Script Project Entrepreneur JOB Portal Script 2.0.9 PHP Scripts Mall Entrepreneur Job Portal Script 2.0.9 has XSS via the p_name (aka Edit Category Name) field to admin/categories_industry.php (aka Categories - Industry Type). network low complexity entrepreneur-job-portal-script-project CWE-79	4.8
2018-02-27	CVE-2018-7547	Cross-site Scripting vulnerability in Lingyun Lyadmin lyadmin 1.x has XSS via the config[WEB_SITE_TITLE] parameter to the /admin.php?s=/admin/config/groupsave.html URI. network low complexity lingyun CWE-79	4.8
2018-02-27	CVE-2012-3536	Cross-site Scripting vulnerability in Apache Hupa Two XSS vulnerabilities were fixed in message list and view in the Hupa Webmail application from the Apache James project. network low complexity apache CWE-79	6.1
2018-02-27	CVE-2018-1416	Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	6.1
2018-02-27	CVE-2018-1399	Cross-site Scripting vulnerability in IBM Daeja Viewone IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5 and 5.0 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2018-02-27	CVE-2017-17478	Cross-site Scripting vulnerability in Pega Platform An XSS issue was discovered in Designer Studio in Pegasystems Pega Platform 7.1.7, 7.1.8, 7.1.9, 7.1.10, 7.2, 7.2.1, and 7.2.2. network low complexity pega CWE-79	4.8
2018-02-27	CVE-2017-16767	Cross-site Scripting vulnerability in Synology Surveillance Station Cross-site scripting (XSS) vulnerability in User Profile in Synology Surveillance Station before 8.1.2-5469 allows remote authenticated users to inject arbitrary web script or HTML via the userDesc parameter. network low complexity synology CWE-79	5.4