Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-08 | CVE-2016-5902 | Cross-site Scripting vulnerability in IBM products IBM Maximo Asset Management is vulnerable to cross-site scripting. | 6.1 |
| 2017-02-08 | CVE-2016-0310 | Cross-site Scripting vulnerability in IBM Connections IBM Connections 5.5 and earlier is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain. | 5.4 |
| 2017-02-08 | CVE-2016-0305 | Cross-site Scripting vulnerability in IBM Connections IBM Connections is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. | 5.4 |
| 2017-02-08 | CVE-2017-1128 | Cross-site Scripting vulnerability in IBM products IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-02-08 | CVE-2017-1127 | Cross-site Scripting vulnerability in IBM products IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-02-08 | CVE-2016-6032 | Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management IBM Rational Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-02-07 | CVE-2016-6096 | Cross-site Scripting vulnerability in IBM products IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 is vulnerable to cross-site scripting. | 6.1 |
| 2017-02-06 | CVE-2017-5367 | Cross-site Scripting vulnerability in Zoneminder 1.29.0/1.30.0 Multiple reflected XSS vulnerabilities exist within form and link input parameters of ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, which allows a remote attacker to execute malicious scripts within an authenticated client's browser. | 6.1 |
| 2017-02-06 | CVE-2017-5877 | Cross-site Scripting vulnerability in Dotcms 3.7.0 XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack against the /about-us/locations/index direction parameter. | 6.1 |
| 2017-02-06 | CVE-2017-5876 | Cross-site Scripting vulnerability in Dotcms 3.7.0 XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack against the /news-events/events date parameter. | 6.1 |