Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2017-03-13 CVE-2017-5620 Cross-site Scripting vulnerability in Zammad
An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1.
network
low complexity
zammad CWE-79
6.1
6.1
2017-03-12 CVE-2017-6820 Cross-site Scripting vulnerability in Roundcube Webmail
rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element.
network
low complexity
roundcube CWE-79
6.1
6.1
2017-03-12 CVE-2017-6818 Cross-site Scripting vulnerability in Wordpress
In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names.
network
low complexity
wordpress CWE-79
6.1
6.1
2017-03-12 CVE-2017-6817 Cross-site Scripting vulnerability in multiple products
In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.
network
low complexity
wordpress debian CWE-79
5.4
5.4
2017-03-12 CVE-2017-6814 Cross-site Scripting vulnerability in multiple products
In WordPress before 4.7.3, there is authenticated Cross-Site Scripting (XSS) via Media File Metadata.
network
low complexity
wordpress debian CWE-79
5.4
5.4
2017-03-11 CVE-2017-6812 Cross-site Scripting vulnerability in Mangoswebv4 Project Mangoswebv4 4.0.8
paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in inc/admin/template_files/admin.vote.php (id parameter).
network
low complexity
mangoswebv4-project CWE-79
6.1
6.1
2017-03-11 CVE-2017-6811 Cross-site Scripting vulnerability in Mangoswebv4 Project Mangoswebv4 4.0.8
paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in inc/admin/template_files/admin.shop.php (id parameter).
network
low complexity
mangoswebv4-project CWE-79
6.1
6.1
2017-03-11 CVE-2017-6810 Cross-site Scripting vulnerability in Mangoswebv4 Project Mangoswebv4 4.0.8
paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in inc/admin/template_files/admin.fplinks.php (linkid parameter).
network
low complexity
mangoswebv4-project CWE-79
6.1
6.1
2017-03-11 CVE-2017-6809 Cross-site Scripting vulnerability in Mangoswebv4 Project Mangoswebv4 4.0.8
paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in inc/admin/template_files/admin.donate.php (id parameter).
network
low complexity
mangoswebv4-project CWE-79
6.1
6.1
2017-03-11 CVE-2017-6808 Cross-site Scripting vulnerability in Mangoswebv4 Project Mangoswebv4 4.0.8
paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in inc/admin/template_files/admin.faq.php (id parameter).
network
low complexity
mangoswebv4-project CWE-79
6.1
6.1