Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-22 | CVE-2016-4903 | Cross-site Scripting vulnerability in Wp-Olivecart Olivecart and Olivecartpro Cross-site scripting vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-05-22 | CVE-2017-9140 | Cross-site Scripting vulnerability in Progress Sitefinity CMS and Telerik Reporting Cross-site scripting (XSS) vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote attackers to inject arbitrary web script or HTML via the bgColor parameter to Telerik.ReportViewer.axd. | 6.1 |
| 2017-05-22 | CVE-2017-2549 | Cross-site Scripting vulnerability in Apple Safari An issue was discovered in certain Apple products. | 6.1 |
| 2017-05-22 | CVE-2017-2528 | Cross-site Scripting vulnerability in Apple Safari An issue was discovered in certain Apple products. | 6.1 |
| 2017-05-22 | CVE-2017-2510 | Cross-site Scripting vulnerability in Apple Safari An issue was discovered in certain Apple products. | 6.1 |
| 2017-05-22 | CVE-2017-2508 | Cross-site Scripting vulnerability in Apple Safari An issue was discovered in certain Apple products. | 6.1 |
| 2017-05-22 | CVE-2017-2504 | Cross-site Scripting vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 6.1 |
| 2017-05-22 | CVE-2017-6654 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5)/11.0(1.10000.10)/11.5(1.10000.6) A vulnerability in the web-based management interface of Cisco Unified Communications Manager 10.5 through 11.5 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2017-05-19 | CVE-2017-4978 | Cross-site Scripting vulnerability in RSA Adaptive Authentication (On Premise) EMC RSA Adaptive Authentication (On-Premise) versions prior to 7.3 P2 (exclusive) contains a fix for a cross-site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 5.4 |
| 2017-05-18 | CVE-2017-9072 | Cross-site Scripting vulnerability in Calendarxp Flatcalendarxp and Popcalendarxp Two CalendarXP products have XSS in common parts of HTML files. | 6.1 |