Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-24 | CVE-2017-1249 | Cross-site Scripting vulnerability in IBM Rhapsody Design Manager IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-24 | CVE-2017-1245 | Cross-site Scripting vulnerability in IBM Rational Software Architect Design Manager IBM Rational Software Architect Design Manager 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-24 | CVE-2016-8975 | Cross-site Scripting vulnerability in IBM Rhapsody Design Manager IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-24 | CVE-2016-6118 | Cross-site Scripting vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-24 | CVE-2017-10711 | Cross-site Scripting vulnerability in Simplerisk 20170614001 In SimpleRisk 20170614-001, a CSRF attack on reset.php (aka the Send Password Reset Email form) can insert XSS sequences via the user parameter. | 6.1 |
| 2017-07-24 | CVE-2017-11594 | Cross-site Scripting vulnerability in Loomio Cross-site scripting (XSS) vulnerability in the Markdown parser in Loomio before 1.8.0 allows remote attackers to inject arbitrary web script or HTML via non-sanitized Markdown content in a new thread or a thread comment. | 5.4 |
| 2017-07-24 | CVE-2017-11593 | Cross-site Scripting vulnerability in Ooso Markdown Preview Plus 0.4.5 Cross-site scripting (XSS) vulnerability in the Markdown Preview Plus extension before 0.5.7 for Chrome allows remote attackers to inject arbitrary web script or HTML into some web applications via the upload and display of crafted text, markdown, or rst files that are designed to be viewed in the browser as plain text, but that will be converted to HTML without proper sanitization. | 6.1 |
| 2017-07-24 | CVE-2017-11581 | Cross-site Scripting vulnerability in Finecms 5.0.9 dayrui FineCms 5.0.9 has Cross Site Scripting (XSS) in admin/Login.php via a payload in the username field that does not begin with a '<' character. | 6.1 |
| 2017-07-22 | CVE-2017-2274 | Cross-site Scripting vulnerability in Buffalo Wmr-433 Firmware and Wmr-433W Firmware Cross-site scripting vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-21 | CVE-2017-1372 | Cross-site Scripting vulnerability in IBM Tririga Application Platform IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. | 5.4 |