Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-28 | CVE-2017-1591 | Cross-site Scripting vulnerability in IBM Datapower Gateway IBM WebSphere DataPower Appliances 7.0.0 through 7.6 is vulnerable to cross-site scripting. | 6.1 |
| 2017-09-28 | CVE-2017-14622 | Cross-site Scripting vulnerability in 2Kblater 2KB Amazon Affiliates Store Multiple cross-site scripting (XSS) vulnerabilities in the 2kb Amazon Affiliates Store plugin before 2.1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter or (2) kbAction parameter in the kbAmz page to wp-admin/admin.php. | 6.1 |
| 2017-09-28 | CVE-2015-7349 | Cross-site Scripting vulnerability in Vasco Digipass Cross-site scripting (XSS) vulnerability in the sample feedback.inc file in VASCO DIGIPASS authentication plug-in for Citrix Web Interface allows remote attackers to inject arbitrary web script or HTML via the failmessage parameter. | 6.1 |
| 2017-09-28 | CVE-2015-5613 | Cross-site Scripting vulnerability in Octobercms October Cross-site scripting (XSS) vulnerability in October CMS build 271 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving a file title, a different vulnerability than CVE-2015-5612. | 5.4 |
| 2017-09-27 | CVE-2017-14765 | Cross-site Scripting vulnerability in Genixcms 1.1.4 In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in a page=menus request. | 6.1 |
| 2017-09-27 | CVE-2017-14762 | Cross-site Scripting vulnerability in Genixcms 1.1.4 In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter. | 6.1 |
| 2017-09-27 | CVE-2017-14761 | Cross-site Scripting vulnerability in Genixcms 1.1.4 In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the id parameter. | 6.1 |
| 2017-09-27 | CVE-2017-14753 | Cross-site Scripting vulnerability in Eyesofnetwork 5.10 Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the filter parameter to module/module_filters/index.php. | 5.4 |
| 2017-09-26 | CVE-2017-14751 | Cross-site Scripting vulnerability in Intensewp WP Jobs The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field. | 6.1 |
| 2017-09-26 | CVE-2017-1531 | Cross-site Scripting vulnerability in IBM Business Process Manager IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to cross-site scripting. | 5.4 |