Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-13 | CVE-2017-1421 | Cross-site Scripting vulnerability in IBM Inotes IBM iNotes is vulnerable to cross-site scripting. | 6.1 |
| 2017-12-13 | CVE-2017-17569 | Cross-site Scripting vulnerability in Scubez Posty Readymade Classifieds Scubez Posty Readymade Classifieds has XSS via the admin/user_activate_submit.php ID parameter. | 6.1 |
| 2017-12-12 | CVE-2017-16685 | Cross-site Scripting vulnerability in SAP Business Warehouse Universal Data Integration Cross-Site scripting (XSS) in SAP Business Warehouse Universal Data Integration, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to insufficient encoding of user controlled inputs. | 6.1 |
| 2017-12-12 | CVE-2017-16681 | Cross-site Scripting vulnerability in SAP Business Intelligence Promotion Management Application 4.10/4.20/4.30 Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded. | 6.1 |
| 2017-12-11 | CVE-2017-1683 | Cross-site Scripting vulnerability in IBM Connections Engagement Center 6.0 IBM Connections Engagement Center 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-12-11 | CVE-2017-1632 | Cross-site Scripting vulnerability in IBM Sterling File Gateway 2.2 IBM Sterling File Gateway 2.2 is vulnerable to cross-site scripting. | 5.4 |
| 2017-12-11 | CVE-2017-1549 | Cross-site Scripting vulnerability in IBM Sterling File Gateway 2.2 IBM Sterling File Gateway 2.2 is vulnerable to cross-site scripting. | 5.4 |
| 2017-12-11 | CVE-2017-1536 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM Support Tools for Lotus WCM (IBM WebSphere Portal 7.0, 8.0, 8.5 and 9.0) is vulnerable to cross-site scripting. | 5.4 |
| 2017-12-11 | CVE-2015-6502 | Cross-site Scripting vulnerability in Puppet Enterprise Cross-site scripting (XSS) vulnerability in the console in Puppet Enterprise before 2015.2.1 allows remote attackers to inject arbitrary web script or HTML via the string parameter, related to Login Redirect. | 6.1 |
| 2017-12-11 | CVE-2017-16723 | Cross-site Scripting vulnerability in Phoenixcontact products A Cross-site Scripting issue was discovered in PHOENIX CONTACT FL COMSERVER BASIC 232/422/485, FL COMSERVER UNI 232/422/485, FL COMSERVER BAS 232/422/485-T, FL COMSERVER UNI 232/422/485-T, FL COM SERVER RS232, FL COM SERVER RS485, and PSI-MODEM/ETH (running firmware versions prior to 1.99, 2.20, or 2.40). | 6.1 |