Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2017-09-07 CVE-2017-14219 Cross-site Scripting vulnerability in Intelbras WRN 240 Firmware
XSS (persistent) on the Intelbras Wireless N 150Mbps router with firmware WRN 240 allows attackers to steal wireless credentials without being connected to the network, related to userRpm/popupSiteSurveyRpm.htm and userRpm/WlanSecurityRpm.htm.
network
low complexity
intelbras CWE-79
6.1
6.1
2017-09-07 CVE-2017-6789 Cross-site Scripting vulnerability in Cisco Unified Intelligence Center 11.0(1)Es10
A vulnerability in the Cisco Unified Intelligence Center web interface could allow an unauthenticated, remote attacker to impact the integrity of the system by executing a Document Object Model (DOM)-based, environment or client-side cross-site scripting (XSS) attack.
network
low complexity
cisco CWE-79
6.1
6.1
2017-09-07 CVE-2017-12221 Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software.
network
low complexity
cisco CWE-79
5.4
5.4
2017-09-07 CVE-2017-12220 Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.
network
low complexity
cisco CWE-79
6.1
6.1
2017-09-07 CVE-2017-12212 Cross-site Scripting vulnerability in Cisco Unity Connection 10.5(2)
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system.
network
low complexity
cisco CWE-79
6.1
6.1
2017-09-07 CVE-2015-7672 Cross-site Scripting vulnerability in Centreon 2.6.1
Cross-site scripting (XSS) vulnerability in Centreon 2.6.1 (fixed in Centreon 18.10.0 and Centreon web 2.8.27).
network
low complexity
centreon CWE-79
5.4
5.4
2017-09-07 CVE-2015-5060 Cross-site Scripting vulnerability in Anchorcms Anchor CMS
Cross-site scripting (XSS) vulnerability in anchor-cms before 0.9-dev.
network
low complexity
anchorcms CWE-79
6.1
6.1
2017-09-07 CVE-2015-4721 Cross-site Scripting vulnerability in Concretecms Concrete CMS 5.7.3.1
Multiple cross-site scripting (XSS) vulnerabilities in Concrete5 5.7.3.1.
network
low complexity
concretecms CWE-79
6.1
6.1
2017-09-07 CVE-2015-3169 Cross-site Scripting vulnerability in Askbot 0.7.51
Cross-site scripting (XSS) vulnerability in askbot 0.7.51-4.el6.noarch.
network
low complexity
askbot CWE-79
6.1
6.1
2017-09-07 CVE-2017-14195 Cross-site Scripting vulnerability in Finecms Project Finecms 5.0.11
The call_msg function in controllers/Form.php in dayrui FineCms 5.0.11 might have XSS related to the Referer HTTP header with Internet Explorer.
network
low complexity
finecms-project CWE-79
6.1
6.1