Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-05 | CVE-2017-12572 | Cross-site Scripting vulnerability in Splunk Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5.x before 6.5.2, 6.4.x before 6.4.6, and 6.3.x before 6.3.9 and Splunk Light before 6.5.2, with exploitation requiring administrative access, aka SPL-134104. | 4.8 |
| 2017-08-04 | CVE-2017-1331 | Cross-site Scripting vulnerability in IBM Content Navigator IBM Content Navigator 2.0.3 and 3.0.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-08-04 | CVE-2017-12413 | Cross-site Scripting vulnerability in Axis 2100 Network Camera Firmware 2.43 AXIS 2100 devices 2.43 have XSS via the URI, possibly related to admin/admin.shtml. | 6.1 |
| 2017-08-03 | CVE-2017-1327 | Cross-site Scripting vulnerability in IBM Inotes IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. | 6.1 |
| 2017-08-03 | CVE-2017-1199 | Cross-site Scripting vulnerability in IBM Infosphere Master Data Management Server IBM InfoSphere Master Data Management Server 10.0, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. | 5.4 |
| 2017-08-03 | CVE-2017-11320 | Cross-site Scripting vulnerability in Technicolor Tc7337 Firmware 08.89.17.20.00 Persistent XSS through the SSID of nearby Wi-Fi devices on Technicolor TC7337 routers 08.89.17.20.00 allows an attacker to cause DNS Poisoning and steal credentials from the router. | 6.1 |
| 2017-08-02 | CVE-2017-9467 | Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os Cross-site scripting (XSS) vulnerability in the GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-08-02 | CVE-2017-9459 | Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os Cross-site scripting (XSS) vulnerability in the management web interface in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-08-02 | CVE-2017-9244 | Cross-site Scripting vulnerability in Trello 4.0.7 Cross-site scripting (XSS) vulnerability in the Trello app before 4.0.8 for iOS might allow remote attackers to inject arbitrary web script or HTML by uploading and attaching a crafted photo to a Card. | 6.1 |
| 2017-08-02 | CVE-2017-11355 | Cross-site Scripting vulnerability in Pega Platform Multiple cross-site scripting (XSS) vulnerabilities in PEGA Platform 7.2 ML0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to the main page; the (2) beanReference parameter to the JavaBean viewer page; or the (3) pyTableName to the System database schema modification page. | 6.1 |