Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-06 | CVE-2018-6469 | Cross-site Scripting vulnerability in Flickrrss Project Flickrrss 5.3.1 A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSS_tags parameter to wp-admin/options-general.php. | 6.1 |
| 2018-02-06 | CVE-2018-6468 | Cross-site Scripting vulnerability in Flickrrss Project Flickrrss 5.3.1 A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSS_id parameter to wp-admin/options-general.php. | 6.1 |
| 2018-02-06 | CVE-2018-6466 | Cross-site Scripting vulnerability in Flickrrss Project Flickrrss 5.3.1 A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSS_set parameter to wp-admin/options-general.php. | 6.1 |
| 2018-02-04 | CVE-2017-8783 | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite Synacor Zimbra Collaboration Suite (ZCS) before 8.7.10 has Persistent XSS. | 5.4 |
| 2018-02-04 | CVE-2017-17703 | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite Synacor Zimbra Collaboration Suite (ZCS) before 8.8.3 has Persistent XSS. | 6.1 |
| 2018-02-02 | CVE-2016-0311 | Cross-site Scripting vulnerability in IBM Tivoli Business Service Manager 6.1.0/6.1.1 Cross-site scripting (XSS) vulnerability in IBM Tivoli Business Service Manager 6.1.0 before 6.1.0-TIV-BSM-FP0004 and 6.1.1 before 6.1.1-TIV-BSM-FP0004 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
| 2018-02-02 | CVE-2016-0303 | Cross-site Scripting vulnerability in IBM Tivoli Integrated Portal Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
| 2018-02-02 | CVE-2015-2796 | Cross-site Scripting vulnerability in Projectpier 0.8.8 Multiple cross-site scripting (XSS) vulnerabilities in Project-Pier ProjectPier-Core allow remote attackers to inject arbitrary web script or HTML via the search_for parameter to (1) search_by_tag.php, (2) search_contacts.php, or (3) search.php. | 6.1 |
| 2018-02-02 | CVE-2018-6561 | Cross-site Scripting vulnerability in Dojotoolkit Dojo 1.13.0 dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element. | 6.1 |
| 2018-02-02 | CVE-2017-18121 | Cross-site Scripting vulnerability in multiple products The consentAdmin module in SimpleSAMLphp through 1.14.15 is vulnerable to a Cross-Site Scripting attack, allowing an attacker to craft links that could execute arbitrary JavaScript code on the victim's web browser. | 6.1 |