Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-13 | CVE-2018-5653 | Cross-site Scripting vulnerability in Weblizar Pinterest-Feeds 1.1.1 An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. | 6.1 |
| 2018-01-13 | CVE-2018-5652 | Cross-site Scripting vulnerability in Dark Mode Project Dark Mode 1.6 An issue was discovered in the dark-mode plugin 1.6 for WordPress. | 4.8 |
| 2018-01-13 | CVE-2018-5651 | Cross-site Scripting vulnerability in Dark Mode Project Dark Mode 1.6 An issue was discovered in the dark-mode plugin 1.6 for WordPress. | 4.8 |
| 2018-01-12 | CVE-2015-9248 | Cross-site Scripting vulnerability in Skyboxsecurity Skybox Platform An issue was discovered in Skybox Platform before 7.5.201. | 5.4 |
| 2018-01-12 | CVE-2015-9247 | Cross-site Scripting vulnerability in Skyboxsecurity Skybox Platform 7.5.201 An issue was discovered in Skybox Platform before 7.5.401. | 5.4 |
| 2018-01-12 | CVE-2016-10706 | Cross-site Scripting vulnerability in Automattic Jetpack The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted Vimeo link. | 6.1 |
| 2018-01-12 | CVE-2016-10705 | Cross-site Scripting vulnerability in Automattic Jetpack The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes module. | 6.1 |
| 2018-01-12 | CVE-2017-18014 | Cross-site Scripting vulnerability in Sophos Sfos 15.01.0/16.5/17.0 An NC-25986 issue was discovered in the Logging subsystem of Sophos XG Firewall with SFOS before 17.0.3 MR3. | 6.1 |
| 2018-01-12 | CVE-2016-0336 | Cross-site Scripting vulnerability in IBM Security Identity Manager Cross-site scripting (XSS) vulnerability in IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
| 2018-01-12 | CVE-2017-16864 | Cross-site Scripting vulnerability in Atlassian Jira The issue search resource in Atlassian Jira before version 7.4.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the orderby parameter. | 6.1 |