Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-27 | CVE-2017-17893 | Cross-site Scripting vulnerability in Readymade Video Sharing Script Project Readymade Video Sharing Script 3.2 Readymade Video Sharing Script has XSS via the search_video.php search parameter, the viewsubs.php chnlid parameter, or the user-profile-edit.php fname parameter. | 6.1 |
| 2017-12-27 | CVE-2017-17869 | Cross-site Scripting vulnerability in Mgl-Instagram-Gallery Project Mgl-Instagram-Gallery The mgl-instagram-gallery plugin for WordPress has XSS via the single-gallery.php media parameter. | 6.1 |
| 2017-12-27 | CVE-2017-17868 | Cross-site Scripting vulnerability in Liferay Portal 6.1.0 In Liferay Portal 6.1.0, the tags section has XSS via a Public Render Parameter (p_r_p) value, as demonstrated by p_r_p_564233524_tag. | 6.1 |
| 2017-12-27 | CVE-2017-17859 | Cross-site Scripting vulnerability in Samsung Internet Browser 6.2.01.12 Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside XSLT data in one part of an MHTML file. | 6.1 |
| 2017-12-27 | CVE-2017-17832 | Cross-site Scripting vulnerability in Serverscheck Monitoring Software ServersCheck Monitoring Software before 14.2.3 is prone to a cross-site scripting vulnerability as user supplied-data is not validated/sanitized when passed in the settings_SMS_ALERT_TYPE parameter, and JavaScript can be executed on settings-save.html (the Settings - SMS Alerts page). | 5.4 |
| 2017-12-27 | CVE-2017-1365 | Cross-site Scripting vulnerability in IBM products IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle Management 4.0, 5.0., and 6.0) is vulnerable to cross-site scripting. | 5.4 |
| 2017-12-22 | CVE-2017-15312 | Cross-site Scripting vulnerability in Huawei Smartcare V200R003C10 Huawei SmartCare V200R003C10 has a stored XSS (cross-site scripting) vulnerability in the dashboard module. | 5.4 |
| 2017-12-21 | CVE-2017-14363 | Cross-site Scripting vulnerability in Microfocus Operations Manager I 10.60/10.61/10.62 Cross-Site Scripting (XSS) vulnerability has been identified in Micro Focus Operations Manager i, versions 10.60, 10.61, 10.62. | 5.4 |
| 2017-12-21 | CVE-2017-17828 | Cross-site Scripting vulnerability in Doditsolutions Busbooking-Script Bus Booking Script has XSS via the results.php datepicker parameter or the admin/new_master.php spemail parameter. | 4.8 |
| 2017-12-21 | CVE-2017-17826 | Cross-site Scripting vulnerability in Piwigo 2.9.2 The Configuration component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via the gallery_title parameter in an admin.php?page=configuration§ion=main request. | 6.1 |