Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2017-09-11	CVE-2015-8350	Cross-site Scripting vulnerability in Inboundnow Call TO Action 2.5 Multiple cross-site scripting (XSS) vulnerabilities in the Calls to Action plugin before 2.5.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) open-tab parameter in a wp_cta_global_settings action to wp-admin/edit.php or (2) wp-cta-variation-id parameter to ab-testing-call-to-action-example/. network inboundnow CWE-79	4.3
2017-09-11	CVE-2015-8349	Cross-site Scripting vulnerability in Gameconnect Sourcebans Cross-site scripting (XSS) vulnerability in SourceBans before 2.0 pre-alpha allows remote attackers to inject arbitrary web script or HTML via the advSearch parameter to index.php. network gameconnect CWE-79	4.3
2017-09-11	CVE-2015-4687	Cross-site Scripting vulnerability in Ellucian Banner Student 8.5.1.2 Cross-site scripting (XSS) vulnerability in Ellucian (formerly SunGard) Banner Student 8.5.1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network ellucian CWE-79	4.3
2017-09-11	CVE-2015-7879	Cross-site Scripting vulnerability in Stickynote Project Stickynote Cross-site scripting (XSS) vulnerability in the Stickynote module 7.x before 7.x-1.3 for Drupal allows remote authenticated users with permission to create or edit a stickynote to inject arbitrary web script or HTML via note text on the admin listing page. network stickynote-project CWE-79	3.5
2017-09-11	CVE-2017-14268	Cross-site Scripting vulnerability in EE 4Gee Wifi MBB Firmware EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have XSS in the sms_content parameter in a getSMSlist request. network ee CWE-79	4.3
2017-09-11	CVE-2017-14241	Cross-site Scripting vulnerability in Dolibarr 6.0.0 Cross-site scripting (XSS) vulnerability in Dolibarr ERP/CRM 6.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the Title parameter to htdocs/admin/menus/edit.php. network dolibarr CWE-79	3.5
2017-09-11	CVE-2017-14239	Cross-site Scripting vulnerability in Dolibarr 6.0.0 Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 6.0.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) CompanyName, (2) CompanyAddress, (3) CompanyZip, (4) CompanyTown, (5) Fax, (6) EMail, (7) Web, (8) ManagingDirectors, (9) Note, (10) Capital, (11) ProfId1, (12) ProfId2, (13) ProfId3, (14) ProfId4, (15) ProfId5, or (16) ProfId6 parameter to htdocs/admin/company.php. network dolibarr CWE-79	3.5
2017-09-09	CVE-2017-8041	Cross-site Scripting vulnerability in VMWare Single Sign-On for Pivotal Cloud Foundry In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3, a user can execute a XSS attack on certain Single Sign-On service UI pages by inputting code in the text field for an organization name. network vmware CWE-79	4.3
2017-09-08	CVE-2017-11611	Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. network wolfcms CWE-79	3.5
2017-09-07	CVE-2017-14219	Cross-site Scripting vulnerability in Intelbras WRN 240 Firmware XSS (persistent) on the Intelbras Wireless N 150Mbps router with firmware WRN 240 allows attackers to steal wireless credentials without being connected to the network, related to userRpm/popupSiteSurveyRpm.htm and userRpm/WlanSecurityRpm.htm. network low complexity intelbras CWE-79	6.1