Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-06-18 | CVE-2016-1431 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCur25516. | 6.1 |
2016-06-16 | CVE-2016-4164 | Cross-site Scripting vulnerability in Adobe Brackets 1.6 Cross-site scripting (XSS) vulnerability in Adobe Brackets before 1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2016-06-16 | CVE-2016-4159 | Cross-site Scripting vulnerability in Adobe Coldfusion 10.0/11.0/2016 Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 20, 11 before Update 9, and 2016 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2016-06-16 | CVE-2016-3212 | Cross-site Scripting vulnerability in Microsoft Internet Explorer 10/11/9 The XSS Filter in Microsoft Internet Explorer 9 through 11 does not properly identify JavaScript, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, aka "Internet Explorer XSS Filter Vulnerability." | 6.1 |
2016-06-13 | CVE-2016-3670 | Cross-site Scripting vulnerability in Liferay Portal Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field. | 6.1 |
2016-06-08 | CVE-2016-4363 | Cross-site Scripting vulnerability in HP Insight Control Server Deployment HPE Insight Control server deployment allows remote attackers to modify data via unspecified vectors. | 6.1 |
2016-06-08 | CVE-2016-2078 | Cross-site Scripting vulnerability in VMWare Vcenter Server Cross-site scripting (XSS) vulnerability in the Web Client in VMware vCenter Server 5.1 before update 3d, 5.5 before update 3d, and 6.0 before update 2 on Windows allows remote attackers to inject arbitrary web script or HTML via the flashvars parameter. | 6.1 |
2016-06-05 | CVE-2016-1230 | Cross-site Scripting vulnerability in NTT Webarena Service Formmail 2.2.0 Cross-site scripting (XSS) vulnerability in NTT PC Communications WebARENA Service formmail before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2016-06-05 | CVE-2016-1229 | Cross-site Scripting vulnerability in Humhub 0.20.0/0.20.1/1.0.0 Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 through 0.20.1 and 1.0.0-beta before 1.0.0-beta.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
2016-06-05 | CVE-2016-1222 | Cross-site Scripting vulnerability in Kobe-Beauty PHP-Contact-Form Cross-site scripting (XSS) vulnerability in Kobe Beauty php-contact-form before 2016-05-18 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. | 6.1 |