Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-24 | CVE-2017-13671 | Cross-site Scripting vulnerability in Misp app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. | 6.1 |
| 2017-08-24 | CVE-2017-12879 | Cross-site Scripting vulnerability in Paessler Prtg Network Monitor Cross-site scripting (XSS-STORED) vulnerability in the DEVICES OR SENSORS functionality in Paessler PRTG Network Monitor before 17.3.33.2654 allows authenticated remote attackers to inject arbitrary web script or HTML. | 5.4 |
| 2017-08-24 | CVE-2017-9510 | Cross-site Scripting vulnerability in Atlassian Fisheye The repository changelog resource in Atlassian Fisheye before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the start date and end date parameters. | 5.4 |
| 2017-08-24 | CVE-2017-9509 | Cross-site Scripting vulnerability in Atlassian Crucible The review file upload resource in Atlassian Crucible before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the charset of a previously uploaded file. | 5.4 |
| 2017-08-24 | CVE-2017-9508 | Cross-site Scripting vulnerability in Atlassian Crucible and Fisheye Various resources in Atlassian Fisheye and Crucible before version 4.4.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a repository or review file. | 5.4 |
| 2017-08-24 | CVE-2017-9507 | Cross-site Scripting vulnerability in Atlassian Crucible The review dashboard resource in Atlassian Crucible from version 4.1.0 before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the review filter title parameter. | 5.4 |
| 2017-08-23 | CVE-2017-12971 | Cross-site Scripting vulnerability in Apache2Triad 1.5.4 Cross-site scripting (XSS) vulnerability in Apache2Triad 1.5.4 allows remote attackers to inject arbitrary web script or HTML via the account parameter to phpsftpd/users.php. | 6.1 |
| 2017-08-23 | CVE-2017-13138 | Cross-site Scripting vulnerability in Qodeinteractive Bridge DOM based Cross-site scripting (XSS) vulnerability in the Bridge theme before 11.2 for WordPress allows remote attackers to inject arbitrary JavaScript. | 6.1 |
| 2017-08-23 | CVE-2017-12844 | Cross-site Scripting vulnerability in Icewarp Mail Server 10.4.4 Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name. | 4.8 |
| 2017-08-22 | CVE-2014-6189 | Cross-site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM Security Network Protection 3100, 4100, 5100, and 7100 devices with firmware 5.2 before 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0008 and 5.3 before 5.3.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |