Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2018-01-25 CVE-2018-5967 Cross-site Scripting vulnerability in Netis-Systems Wf2419 Firmware 2.2.36123
Netis WF2419 V2.2.36123 devices allow XSS via the Description parameter on the Bandwidth Control Rule Settings page.
network
low complexity
netis-systems CWE-79
5.4
2018-01-24 CVE-2018-6193 Cross-site Scripting vulnerability in Routers2 Project Routers2 2.24
A Cross-Site Scripting (XSS) vulnerability was found in Routers2 2.24, affecting the 'rtr' GET parameter in a page=graph action to cgi-bin/routers2.pl.
network
high complexity
routers2-project CWE-79
4.7
2018-01-24 CVE-2018-6190 Cross-site Scripting vulnerability in Netis-Systems Wf2419 Firmware 3.2.41381
Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page.
network
low complexity
netis-systems CWE-79
5.4
2018-01-24 CVE-2018-5705 Cross-site Scripting vulnerability in Reservo Image Hosting 1.6
Reservo Image Hosting 1.6 is vulnerable to XSS attacks.
network
low complexity
reservo CWE-79
6.1
2018-01-23 CVE-2018-5950 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.
network
low complexity
gnu debian canonical redhat CWE-79
6.1
2018-01-23 CVE-2017-2746 Cross-site Scripting vulnerability in HP Jetadvantage Security Manager
Potential security vulnerabilities have been identified with HP JetAdvantage Security Manager before 3.0.1.
network
low complexity
hp CWE-79
6.1
2018-01-23 CVE-2017-2745 Cross-site Scripting vulnerability in HP Jetadvantage Security Manager
Potential security vulnerabilities have been identified with HP JetAdvantage Security Manager before 3.0.1.
network
low complexity
hp CWE-79
6.1
2018-01-23 CVE-2017-2743 Cross-site Scripting vulnerability in HP products
HP has identified a potential security vulnerability with HP Enterprise LaserJet Printers and MFPs, HP OfficeJet Enterprise Color Printers and MFP, HP PageWide Color Printers and MPS before 2308214_000901, 2308214_000900, and other firmware versions.
network
low complexity
hp CWE-79
6.1
2018-01-23 CVE-2017-15092 Cross-site Scripting vulnerability in Powerdns Recursor
A cross-site scripting issue has been found in the web interface of PowerDNS Recursor from 4.0.0 up to and including 4.0.6, where the qname of DNS queries was displayed without any escaping, allowing a remote attacker to inject HTML and Javascript code into the web interface, altering the content.
network
low complexity
powerdns CWE-79
6.1
2018-01-23 CVE-2018-6013 Cross-site Scripting vulnerability in Bigtreecms Bigtree CMS 4.2.19
Cross-site scripting (XSS) in BigTree 4.2.19 allows any remote users to inject arbitrary web script or HTML via the directory parameter.
network
low complexity
bigtreecms CWE-79
5.4