Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2017-06-12	CVE-2017-9547	Cross-site Scripting vulnerability in Bigtreecms Bigtree CMS admin.php in BigTree through 4.2.18 has a Cross-site Scripting (XSS) vulnerability, which allows remote authenticated users to inject arbitrary web script or HTML by launching an Edit Page action and entering the Navigation Title or Page Title of a page that is scheduled for future publication (aka a pending page change). network low complexity bigtreecms CWE-79	5.4
2017-06-12	CVE-2017-9546	Cross-site Scripting vulnerability in Bigtreecms Bigtree CMS admin.php in BigTree through 4.2.18 allows remote authenticated users to cause a denial of service (inability to save revisions) via XSS sequences in a revision name. network low complexity bigtreecms CWE-79	5.7
2017-06-09	CVE-2017-5004	Cross-site Scripting vulnerability in multiple products EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Stored Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system. network low complexity emc rsa CWE-79	5.4
2017-06-09	CVE-2017-5003	Cross-site Scripting vulnerability in multiple products EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Reflected Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system. network low complexity emc rsa CWE-79	6.1
2017-06-09	CVE-2017-2187	Cross-site Scripting vulnerability in 3CX Live Chat Cross-site scripting vulnerability in WP Live Chat Support prior to version 7.0.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network low complexity 3cx CWE-79	6.1
2017-06-09	CVE-2016-7823	Cross-site Scripting vulnerability in Buffalotech Wnc01Wh Firmware 1.0.0.8 Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. low complexity buffalotech CWE-79	4.3
2017-06-09	CVE-2016-7817	Cross-site Scripting vulnerability in Simple Keitai Chat Project Simple Keitai Chat 2.0 Cross-site scripting vulnerability in Simple keitai chat 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network low complexity simple-keitai-chat-project CWE-79	6.1
2017-06-09	CVE-2016-7813	Cross-site Scripting vulnerability in Emon-Cms Deraemon-Cms Cross-site scripting vulnerability in DERAEMON-CMS version 0.8.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the parameters hostname, database and username. network low complexity emon-cms CWE-79	6.1
2017-06-09	CVE-2016-7810	Cross-site Scripting vulnerability in Corega Cg-Wlr300Nx Firmware 1.20 Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver. network low complexity corega CWE-79	4.8
2017-06-09	CVE-2016-7808	Cross-site Scripting vulnerability in Corega Cg-Wlbaragm Firmware and Cg-Wlbargnl Firmware Cross-site scripting vulnerability in Corega CG-WLBARGMH and CG-WLBARGNL allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network low complexity corega CWE-79	6.1