Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-10 | CVE-2016-10256 | Cross-site Scripting vulnerability in Broadcom Symantec Proxysg The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. | 6.1 |
| 2018-01-10 | CVE-2018-0799 | Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016 Microsoft Access in Microsoft SharePoint Enterprise Server 2013 and Microsoft SharePoint Enterprise Server 2016 allows a cross-site-scripting (XSS) vulnerability due to the way image field values are handled, aka "Microsoft Access Tampering Vulnerability". | 6.1 |
| 2018-01-09 | CVE-2018-5316 | Cross-site Scripting vulnerability in Patsatech Sagepay Server Gateway for Woocommerce The "SagePay Server Gateway for WooCommerce" plugin before 1.0.9 for WordPress has XSS via the includes/pages/redirect.php page parameter. | 6.1 |
| 2018-01-09 | CVE-2017-1000465 | Cross-site Scripting vulnerability in Sulu Sulu-Standard 1.6.6 Sulu-standard version 1.6.6 is vulnerable to stored cross-site scripting vulnerability, within the page creation page, which can result in disruption of service and execution of javascript code. | 5.4 |
| 2018-01-09 | CVE-2017-1000429 | Cross-site Scripting vulnerability in Finecms Project Finecms 5.0.10 rui Li finecms 5.0.10 is vulnerable to a reflected XSS in the file Weixin.php. | 6.1 |
| 2018-01-09 | CVE-2018-5312 | Cross-site Scripting vulnerability in Wpshopmart Tabs Responsive 1.8.0 The tabs-responsive plugin 1.8.0 for WordPress has XSS via the post_title parameter to wp-admin/post.php. | 5.4 |
| 2018-01-09 | CVE-2018-5311 | Cross-site Scripting vulnerability in Tonjoostudio Easy Custom Auto Excerpt 2.4.6 The Easy Custom Auto Excerpt plugin 2.4.6 for WordPress has XSS via the tonjoo_ecae_options[custom_css] parameter to the wp-admin/admin.php?page=tonjoo_excerpt URI. | 5.4 |
| 2018-01-08 | CVE-2018-5263 | Cross-site Scripting vulnerability in Stackideas Easydiscuss The StackIdeas EasyDiscuss (aka com_easydiscuss) extension before 4.0.21 for Joomla! allows XSS. | 5.4 |
| 2018-01-08 | CVE-2017-7998 | Cross-site Scripting vulnerability in Gespage Multiple cross-site scripting (XSS) vulnerabilities in Gespage before 7.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) printer name when adding a printer in the admin panel or (2) username parameter to webapp/users/user_reg.jsp. | 6.1 |
| 2018-01-08 | CVE-2014-5069 | Cross-site Scripting vulnerability in Microsemi S350I Firmware 2.70.15 Cross-site scripting (XSS) vulnerability in Symmetricom s350i 2.70.15 allows remote attackers to inject arbitrary web script or HTML via vectors involving system logs. | 6.1 |