Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-06 | CVE-2017-5875 | Cross-site Scripting vulnerability in Dotcms 3.7.0 XSS was discovered in dotCMS 3.7.0, with an authenticated attack against the /myAccount addressID parameter. | 5.4 |
| 2017-02-04 | CVE-2017-5882 | Cross-site Scripting vulnerability in Sanadata Sanacms 7.3 Cross-site scripting (XSS) vulnerability in index.asp in SANADATA SanaCMS 7.3 allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 6.1 |
| 2017-02-04 | CVE-2016-7147 | Cross-site Scripting vulnerability in Plone Cross-site scripting (XSS) vulnerability in the manage_findResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the obj_ids:tokens parameter. | 6.1 |
| 2017-02-03 | CVE-2016-9872 | Cross-site Scripting vulnerability in EMC Documentum D2 4.5/4.6 EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has Reflected Cross-Site Scripting Vulnerabilities that could potentially be exploited by malicious users to compromise the affected system. | 6.1 |
| 2017-02-03 | CVE-2016-0919 | Cross-site Scripting vulnerability in RSA web Threat Detection 5.0/5.1/5.1.2 EMC RSA Web Threat Detection version 5.0, RSA Web Threat Detection version 5.1, RSA Web Threat Detection version 5.1.2 has a cross site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 6.1 |
| 2017-02-02 | CVE-2016-1566 | Cross-site Scripting vulnerability in Apache Guacamole 0.9.8/0.9.9 Cross-site scripting (XSS) vulnerability in the file browser in Guacamole 0.9.8 and 0.9.9, when file transfer is enabled to a location shared by multiple users, allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename. | 5.4 |
| 2017-02-01 | CVE-2016-9704 | Cross-site Scripting vulnerability in IBM Security Identity Manager Virtual Appliance IBM Security Identity Manager Virtual Appliance is vulnerable to cross-site scripting. | 6.1 |
| 2017-02-01 | CVE-2016-9000 | Cross-site Scripting vulnerability in IBM products IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. | 6.1 |
| 2017-02-01 | CVE-2016-8999 | Cross-site Scripting vulnerability in IBM products IBM InfoSphere Information Server contains a Path-relative stylesheet import vulnerability that allows attackers to render a page in quirks mode thereby facilitating an attacker to inject malicious CSS. | 5.4 |
| 2017-02-01 | CVE-2016-5942 | Cross-site Scripting vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. | 5.4 |