Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2017-09-15	CVE-2017-4926	Cross-site Scripting vulnerability in VMWare Vcenter Server 6.5 VMware vCenter Server (6.5 prior to 6.5 U1) contains a vulnerability that may allow for stored cross-site scripting (XSS). network low complexity vmware CWE-79	5.4
2017-09-14	CVE-2017-1002017	Cross-site Scripting vulnerability in Bobcares Gift-Certificate-Creator 1.0 Vulnerability in wordpress plugin gift-certificate-creator v1.0, The code in gc-list.php doesn't sanitize user input to prevent a stored XSS vulnerability. network low complexity bobcares CWE-79	6.1
2017-09-14	CVE-2017-1002011	Cross-site Scripting vulnerability in Anblik Image-Gallery-With-Slideshow 1.5.2 Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, There is a stored XSS vulnerability via the $value->gallery_name and $value->gallery_description where anyone with privileges to modify or add galleries/images and inject javascript into the database. network low complexity anblik CWE-79	5.4
2017-09-13	CVE-2017-14416	Cross-site Scripting vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. network low complexity dlink CWE-79	6.1
2017-09-13	CVE-2017-14415	Cross-site Scripting vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. network low complexity dlink CWE-79	6.1
2017-09-13	CVE-2017-14414	Cross-site Scripting vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. network low complexity dlink CWE-79	6.1
2017-09-13	CVE-2017-14413	Cross-site Scripting vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. network low complexity dlink CWE-79	6.1
2017-09-13	CVE-2017-3165	Cross-site Scripting vulnerability in Apache Brooklyn In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to run in the browser of another user authorized to access the first user's resources. network low complexity apache CWE-79	5.4
2017-09-13	CVE-2017-13724	Cross-site Scripting vulnerability in Axesstel Mu553S Firmware Mu553Sv1.14 On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page. network low complexity axesstel CWE-79	5.4
2017-09-13	CVE-2017-8758	Cross-site Scripting vulnerability in Microsoft Exchange Server 2016 Microsoft Exchange Server 2016 allows an elevation of privilege vulnerability when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Cross-Site Scripting Vulnerability." network low complexity microsoft CWE-79	6.1