Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-10 | CVE-2017-11163 | Cross-site Scripting vulnerability in Cacti 1.1.12 Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti 1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable. | 5.4 |
| 2017-07-08 | CVE-2017-11107 | Cross-site Scripting vulnerability in multiple products phpLDAPadmin through 1.2.3 has XSS in htdocs/entry_chooser.php via the form, element, rdn, or container parameter. | 6.1 |
| 2017-07-07 | CVE-2017-10991 | Cross-site Scripting vulnerability in Wp-Statistics WP Statistics The WP Statistics plugin through 12.0.9 for WordPress has XSS in the rangestart and rangeend parameters on the wps_referrers_page page. | 6.1 |
| 2017-07-07 | CVE-2017-2243 | Cross-site Scripting vulnerability in Dfactory Responsive Lightbox Cross-site scripting vulnerability in Responsive Lightbox prior to version 1.7.2 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2224 | Cross-site Scripting vulnerability in Web-Dorado Event Calendar WD Cross-site scripting vulnerability in Event Calendar WD prior to version 1.0.94 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2222 | Cross-site Scripting vulnerability in Butlerblog Wp-Members 3.1.7 Cross-site scripting vulnerability in WP-Members prior to version 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2216 | Cross-site Scripting vulnerability in Wpdownloadmanager Wordpress Download Manager Cross-site scripting vulnerability in WordPress Download Manager prior to version 2.9.50 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2194 | Cross-site Scripting vulnerability in IPA Icodechecker Cross-site scripting vulnerability in Source code security studying tool iCodeChecker allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2172 | Cross-site Scripting vulnerability in Cybozu Kunai Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2146 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 allows remote attackers to inject arbitrary web script or HTML via application menu. | 4.8 |