Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-10 | CVE-2017-6799 | Cross-site Scripting vulnerability in Mantisbt A cross-site scripting (XSS) vulnerability in view_filters_page.php in MantisBT before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'view_type' parameter. | 6.1 |
| 2017-03-10 | CVE-2017-6797 | Cross-site Scripting vulnerability in Mantisbt A cross-site scripting (XSS) vulnerability in bug_change_status_page.php in MantisBT before 1.3.7 and 2.x before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'action_type' parameter. | 6.1 |
| 2017-03-09 | CVE-2017-6591 | Cross-site Scripting vulnerability in Django-Epiceditor Project Django-Epiceditor 0.2.3 There is a cross-site scripting vulnerability in django-epiceditor 0.2.3 via crafted content in a form field. | 6.1 |
| 2017-03-09 | CVE-2017-6589 | Cross-site Scripting vulnerability in Epiceditor Project Epiceditor EpicEditor through 0.2.3 has Cross-Site Scripting because of an insecure default marked.js configuration. | 6.1 |
| 2017-03-09 | CVE-2017-6562 | Cross-site Scripting vulnerability in Agora-Project 3.2.2 XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=file&targetObjId=fileFolder-2&targetObjIdChild=[XSS] attack. | 6.1 |
| 2017-03-09 | CVE-2017-6561 | Cross-site Scripting vulnerability in Agora-Project 3.2.2 XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=object&action=[XSS] attack. | 6.1 |
| 2017-03-09 | CVE-2017-6560 | Cross-site Scripting vulnerability in Agora-Project 3.2.2 XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=misc&action=[XSS]&editObjId=[XSS] attack. | 6.1 |
| 2017-03-09 | CVE-2017-6559 | Cross-site Scripting vulnerability in Agora-Project 3.2.2 XSS in Agora-Project 3.2.2 exists with an index.php?disconnect=1&msgNotif[]=[XSS] attack. | 6.1 |
| 2017-03-09 | CVE-2017-6556 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.1.6 Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the "adminpage > sitesetting > General Settings > globalmetadata" field. | 5.4 |
| 2017-03-09 | CVE-2017-6555 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.1.6 Cross-site scripting (XSS) vulnerability in /admin/moduleinterface.php in CMS Made Simple 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the m1_description parameter (aka "Design Manager > Categories > Category Description"). | 5.4 |