Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-05 | CVE-2017-12269 | Cross-site Scripting vulnerability in Cisco Spark A vulnerability in the web UI of Cisco Spark Messaging Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack. | 5.4 |
| 2017-10-05 | CVE-2017-12265 | Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka HREF XSS. | 6.1 |
| 2017-10-05 | CVE-2017-12258 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack. | 6.1 |
| 2017-10-05 | CVE-2017-12257 | Cross-site Scripting vulnerability in Cisco Webex Meetings Server A vulnerability in the web framework of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 6.1 |
| 2017-10-05 | CVE-2017-1000109 | Cross-site Scripting vulnerability in Jenkins Owasp Dependency-Check The custom Details view of the Static Analysis Utilities based OWASP Dependency-Check Plugin, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view. | 6.1 |
| 2017-10-05 | CVE-2017-1000103 | Cross-site Scripting vulnerability in Jenkins DRY The custom Details view of the Static Analysis Utilities based DRY Plugin, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view. | 5.4 |
| 2017-10-05 | CVE-2017-1000102 | Cross-site Scripting vulnerability in Jenkins Static Analysis Utilities The Details view of some Static Analysis Utilities based plugins, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to these plugins, for example the console output which is parsed to extract build warnings (Warnings Plugin), could insert arbitrary HTML into this view. | 5.4 |
| 2017-10-05 | CVE-2017-1000088 | Cross-site Scripting vulnerability in Jenkins Sidebar Link The Sidebar Link plugin allows users able to configure jobs, views, and agents to add entries to the sidebar of these objects. | 5.4 |
| 2017-10-04 | CVE-2017-15009 | Cross-site Scripting vulnerability in Paessler Prtg Network Monitor 17.3.33.2830 PRTG Network Monitor version 17.3.33.2830 is vulnerable to reflected Cross-Site Scripting on error.htm (the error page), via the errormsg parameter. | 6.1 |
| 2017-10-04 | CVE-2017-15008 | Cross-site Scripting vulnerability in Paessler Prtg Network Monitor 17.3.33.2830 PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all sensor titles, related to incorrect error handling for a %00 in the SRC attribute of an IMG element. | 4.8 |