Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2018-02-09	CVE-2017-1761	Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	6.1
2018-02-08	CVE-2015-2329	Cross-site Scripting vulnerability in Woocommerce Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.3.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via a crafted order. network low complexity woocommerce CWE-79	6.1
2018-02-08	CVE-2012-0941	Cross-site Scripting vulnerability in Fortinet Fortios Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or (3) Log&Report Display modules, or the fields_sorted_opt parameter to (4) user/auth/list or (5) endpointcompliance/app_detect/predefined_sig_list. network low complexity fortinet CWE-79	6.1
2018-02-08	CVE-2017-6225	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information. network low complexity brocade broadcom CWE-79	6.1
2018-02-08	CVE-2018-5550	Cross-site Scripting vulnerability in Epson Airprint Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, which can allow untrusted users on the network to hijack a session cookie or perform other reflected XSS attacks on a currently logged-on user. network low complexity epson CWE-79	6.1
2018-02-08	CVE-2018-0513	Cross-site Scripting vulnerability in Mtssb.Mt-Systems Simple Booking 1.2.1/1.28.0 Cross-site scripting vulnerability in MTS Simple Booking C, MTS Simple Booking Business version 1.28.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network low complexity mtssb-mt-systems CWE-79	6.1
2018-02-08	CVE-2018-6844	Cross-site Scripting vulnerability in Mybb 1.8.14 MyBB 1.8.14 has XSS via the Title or Description field on the Edit Forum screen. network low complexity mybb CWE-79	5.4
2018-02-08	CVE-2018-6834	Cross-site Scripting vulnerability in Etherpad Lite static/js/pad_utils.js in Etherpad Lite before v1.6.3 has XSS via window.location.href. network low complexity etherpad CWE-79	6.1
2018-02-08	CVE-2018-0129	Cross-site Scripting vulnerability in Cisco Data Center Analytics Framework 1.0 A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. network low complexity cisco CWE-79	6.1
2018-02-08	CVE-2018-0128	Cross-site Scripting vulnerability in Cisco Data Center Analytics Framework A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. network low complexity cisco CWE-79	6.1