Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2017-07-06 CVE-2017-10967 Cross-site Scripting vulnerability in Finecms Project Finecms
In FineCMS before 2017-07-06, application\core\controller\config.php allows XSS in the (1) key_name, (2) key_value, and (3) meaning parameters.
network
low complexity
finecms-project CWE-79
6.1
6.1
2017-07-06 CVE-2017-10975 Cross-site Scripting vulnerability in Lutim Project Lutim
Cross-site scripting (XSS) vulnerability in Lutim before 0.8 might allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is mishandled in an upload notification and in the myfiles component, if the attacker can convince the victim to proceed with an upload despite the appearance of an XSS payload in the filename.
network
low complexity
lutim-project CWE-79
6.1
6.1
2017-07-06 CVE-2017-10970 Cross-site Scripting vulnerability in Cacti 1.1.12
Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error function in lib/html_validate.php.
network
low complexity
cacti CWE-79
5.4
5.4
2017-07-05 CVE-2017-1096 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-07-05 CVE-2016-9989 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-07-05 CVE-2016-9988 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-07-05 CVE-2016-9987 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-07-05 CVE-2016-9986 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-07-05 CVE-2017-1208 Cross-site Scripting vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.1, 7.5, and 7.6 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-07-05 CVE-2017-1113 Cross-site Scripting vulnerability in IBM Rational Team Concert
IBM Rational Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4