Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2016-12-15 CVE-2016-5124 Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.8.1
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev14.
network
low complexity
open-xchange CWE-79
6.1
6.1
2016-12-15 CVE-2016-4045 Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.8.1
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11.
network
low complexity
open-xchange CWE-79
6.1
6.1
2016-12-15 CVE-2016-4026 Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.8.1
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11.
network
low complexity
open-xchange CWE-79
6.1
6.1
2016-12-15 CVE-2016-3173 Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.8.0
An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27.
network
low complexity
open-xchange CWE-79
5.4
5.4
2016-12-15 CVE-2016-2840 Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.8.0
An issue was discovered in Open-Xchange Server 6 / OX AppSuite before 7.8.0-rev26.
network
low complexity
open-xchange CWE-79
6.1
6.1
2016-12-14 CVE-2016-9214 Cross-site Scripting vulnerability in Cisco Identity Services Engine Software 2.0(1.130)
Cisco Identity Services Engine (ISE) contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system.
network
low complexity
cisco CWE-79
6.1
6.1
2016-12-14 CVE-2016-9206 Cross-site Scripting vulnerability in Cisco Unified Communications Manager 11.5(1.10000.6)
A vulnerability in the ccmadmin page of Cisco Unified Communications Manager (CUCM) could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks.
network
low complexity
cisco CWE-79
6.1
6.1
2016-12-14 CVE-2016-9202 Cross-site Scripting vulnerability in Cisco Email Security Appliance
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switches could allow an unauthenticated, remote attacker to conduct a persistent cross-site scripting (XSS) attack against a user of the affected interface on an affected device.
network
low complexity
cisco CWE-79
6.1
6.1
2016-12-14 CVE-2016-9200 Cross-site Scripting vulnerability in Cisco Prime Collaboration Assurance 10.5.1/10.6.0
A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface.
network
low complexity
cisco CWE-79
6.1
6.1
2016-12-13 CVE-2016-5060 Cross-site Scripting vulnerability in Naver Ngrinder
Multiple cross-site scripting (XSS) vulnerabilities in nGrinder before 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) description, (2) email, or (3) username parameter to user/save.
network
low complexity
naver CWE-79
6.1
6.1