Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2017-03-27 CVE-2015-8310 Cross-site Scripting vulnerability in Fomori Cherrymusic 0.35.2
Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to inject arbitrary web script or HTML via the playlistname field when creating a new playlist.
network
low complexity
fomori CWE-79
5.4
5.4
2017-03-27 CVE-2017-6067 Cross-site Scripting vulnerability in Getsymphony Symphony 2.6.9
Symphony 2.6.9 has XSS in publish/notes/edit/##/saved/ via the bottom form field.
network
low complexity
getsymphony CWE-79
6.1
6.1
2017-03-27 CVE-2017-6003 Cross-site Scripting vulnerability in Dotcms 3.7.0
dotCMS 3.7.0 has XSS reachable from ext/languages_manager/edit_language in portal/layout via the bottom two form fields.
network
low complexity
dotcms CWE-79
6.1
6.1
2017-03-26 CVE-2017-2645 Cross-site Scripting vulnerability in Moodle
In Moodle 3.x, XSS can occur via attachments to evidence of prior learning.
network
low complexity
moodle CWE-79
6.1
6.1
2017-03-26 CVE-2017-2644 Cross-site Scripting vulnerability in Moodle
In Moodle 3.x, XSS can occur via evidence of prior learning.
network
low complexity
moodle CWE-79
6.1
6.1
2017-03-24 CVE-2017-7257 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.1.6
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_content parameter.
network
low complexity
cmsmadesimple CWE-79
5.4
5.4
2017-03-24 CVE-2017-7256 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.1.6
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_summary parameter.
network
low complexity
cmsmadesimple CWE-79
5.4
5.4
2017-03-24 CVE-2017-7255 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.1.6
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_title parameter.
network
low complexity
cmsmadesimple CWE-79
5.4
5.4
2017-03-23 CVE-2017-7251 Cross-site Scripting vulnerability in Piengine PI 2.5.0
A Cross-Site Scripting (XSS) was discovered in pi-engine/pi 2.5.0.
network
low complexity
piengine CWE-79
6.1
6.1
2017-03-23 CVE-2017-7250 Cross-site Scripting vulnerability in Gazelle Project Gazelle
A Cross-Site Scripting (XSS) was discovered in Gazelle before 2017-03-19.
network
low complexity
gazelle-project CWE-79
6.1
6.1