Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-23 | CVE-2015-8862 | Cross-site Scripting vulnerability in Mustache.Js Project Mustache.Js mustache package before 2.2.1 for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted. | 6.1 |
| 2017-01-23 | CVE-2015-8861 | Cross-site Scripting vulnerability in Handlebars.Js Project Handlebars.Js The handlebars package before 4.0.0 for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted. | 6.1 |
| 2017-01-23 | CVE-2015-8856 | Cross-site Scripting vulnerability in Openjsf Serve-Index Cross-site scripting (XSS) vulnerability in the serve-index package before 1.6.3 for Node.js allows remote attackers to inject arbitrary web script or HTML via a crafted file or directory name. | 6.1 |
| 2017-01-23 | CVE-2014-9772 | Cross-site Scripting vulnerability in Nodejs Node.Js The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters. | 6.1 |
| 2017-01-23 | CVE-2013-7454 | Cross-site Scripting vulnerability in Nodejs Node.Js The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings. | 6.1 |
| 2017-01-23 | CVE-2013-7453 | Cross-site Scripting vulnerability in Nodejs Node.Js The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via vectors related to UI redressing. | 6.1 |
| 2017-01-23 | CVE-2013-7452 | Cross-site Scripting vulnerability in Nodejs Node.Js The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via a crafted javascript URI. | 6.1 |
| 2017-01-23 | CVE-2013-7451 | Cross-site Scripting vulnerability in Nodejs Node.Js 1.0.4 The validator module before 1.1.0 for Node.js allows remote attackers to bypass the XSS filter via a nested tag. | 6.1 |
| 2017-01-23 | CVE-2017-5553 | Cross-site Scripting vulnerability in B2Evolution Cross-site scripting (XSS) vulnerability in plugins/markdown_plugin/_markdown.plugin.php in b2evolution before 6.8.5 allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL. | 5.4 |
| 2017-01-23 | CVE-2016-8213 | Cross-site Scripting vulnerability in EMC products EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, prior to P06; and EMC Documentum TaskSpace version 6.7SP3, prior to P02; and EMC Documentum Capital Projects Version 1.9, prior to P30 and Version 1.10, prior to P17; and EMC Documentum Administrator Version 7.0, Version 7.1, and Version 7.2 prior to P18 contain a Stored Cross-Site Scripting Vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 6.1 |