Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-25 | CVE-2018-5967 | Cross-site Scripting vulnerability in Netis-Systems Wf2419 Firmware 2.2.36123 Netis WF2419 V2.2.36123 devices allow XSS via the Description parameter on the Bandwidth Control Rule Settings page. | 5.4 |
2018-01-24 | CVE-2018-6193 | Cross-site Scripting vulnerability in Routers2 Project Routers2 2.24 A Cross-Site Scripting (XSS) vulnerability was found in Routers2 2.24, affecting the 'rtr' GET parameter in a page=graph action to cgi-bin/routers2.pl. | 4.7 |
2018-01-24 | CVE-2018-6190 | Cross-site Scripting vulnerability in Netis-Systems Wf2419 Firmware 3.2.41381 Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page. | 5.4 |
2018-01-24 | CVE-2018-5705 | Cross-site Scripting vulnerability in Reservo Image Hosting 1.6 Reservo Image Hosting 1.6 is vulnerable to XSS attacks. | 6.1 |
2018-01-23 | CVE-2018-5950 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL. | 6.1 |
2018-01-23 | CVE-2017-2746 | Cross-site Scripting vulnerability in HP Jetadvantage Security Manager Potential security vulnerabilities have been identified with HP JetAdvantage Security Manager before 3.0.1. | 6.1 |
2018-01-23 | CVE-2017-2745 | Cross-site Scripting vulnerability in HP Jetadvantage Security Manager Potential security vulnerabilities have been identified with HP JetAdvantage Security Manager before 3.0.1. | 6.1 |
2018-01-23 | CVE-2017-2743 | Cross-site Scripting vulnerability in HP products HP has identified a potential security vulnerability with HP Enterprise LaserJet Printers and MFPs, HP OfficeJet Enterprise Color Printers and MFP, HP PageWide Color Printers and MPS before 2308214_000901, 2308214_000900, and other firmware versions. | 6.1 |
2018-01-23 | CVE-2017-15092 | Cross-site Scripting vulnerability in Powerdns Recursor A cross-site scripting issue has been found in the web interface of PowerDNS Recursor from 4.0.0 up to and including 4.0.6, where the qname of DNS queries was displayed without any escaping, allowing a remote attacker to inject HTML and Javascript code into the web interface, altering the content. | 6.1 |
2018-01-23 | CVE-2018-6013 | Cross-site Scripting vulnerability in Bigtreecms Bigtree CMS 4.2.19 Cross-site scripting (XSS) in BigTree 4.2.19 allows any remote users to inject arbitrary web script or HTML via the directory parameter. | 5.4 |