Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-12 | CVE-2017-15278 | Cross-site Scripting vulnerability in Teampass Cross-Site Scripting (XSS) was discovered in TeamPass before 2.1.27.9. | 5.4 |
| 2017-10-11 | CVE-2017-8017 | Cross-site Scripting vulnerability in EMC Smarts Network Configuration Manager EMC Network Configuration Manager (NCM) 9.3.x, 9.4.0.x, 9.4.1.x, and 9.4.2.x is affected by a reflected cross-site scripting Vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 6.1 |
| 2017-10-11 | CVE-2017-8016 | Cross-site Scripting vulnerability in EMC Archer GRC Platform 6.2.0.4 RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Questionnaire ID field. | 5.4 |
| 2017-10-11 | CVE-2017-14372 | Cross-site Scripting vulnerability in RSA Archer GRC Platform RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting vulnerabilities via certain RSA Archer Help pages. | 6.1 |
| 2017-10-11 | CVE-2017-14371 | Cross-site Scripting vulnerability in RSA Archer GRC Platform RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting via the request URL. | 6.1 |
| 2017-10-11 | CVE-2017-14370 | Cross-site Scripting vulnerability in RSA Archer GRC Platform RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Source Asset ID field. | 5.4 |
| 2017-10-11 | CVE-2017-14588 | Cross-site Scripting vulnerability in Atlassian Fisheye Various resources in Atlassian Fisheye and Crucible before version 4.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the dialog parameter. | 6.1 |
| 2017-10-11 | CVE-2017-14587 | Cross-site Scripting vulnerability in Atlassian Fisheye The administration user deletion resource in Atlassian Fisheye and Crucible before version 4.4.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the uname parameter. | 5.4 |
| 2017-10-11 | CVE-2017-7352 | Cross-site Scripting vulnerability in Purestorage Purity 4.7.5 Stored Cross-site scripting (XSS) vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System > Configuration > SNMP > Add SNMP Trap Manager' screen. | 5.4 |
| 2017-10-11 | CVE-2017-15215 | Cross-site Scripting vulnerability in Shaarli Project Shaarli 0.9.1 Reflected XSS vulnerability in Shaarli v0.9.1 allows an unauthenticated attacker to inject JavaScript via the searchtags parameter to index.php. | 6.1 |