Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-09-06 | CVE-2015-3161 | Cross-site Scripting vulnerability in Beaker-Project Beaker The search bar code in bkr/server/widgets.py in Beaker before 20.1 does not escape </script> tags in string literals when producing JSON. | 3.5 |
2017-09-05 | CVE-2017-1457 | Cross-site Scripting vulnerability in IBM Qradar Network Security 5.4 IBM QRadar Network Security 5.4 is vulnerable to cross-site scripting. | 4.3 |
2017-09-04 | CVE-2017-14126 | Cross-site Scripting vulnerability in Xnau Participants Database 1.7.5.10 The Participants Database plugin before 1.7.5.10 for WordPress has XSS. | 4.3 |
2017-08-31 | CVE-2015-7711 | Cross-site Scripting vulnerability in Atutor Cross-site scripting (XSS) vulnerability in popuphelp.php in ATutor 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the h parameter. | 4.3 |
2017-08-31 | CVE-2017-7855 | Cross-site Scripting vulnerability in Icewarp Server 11.3.1.5 In the webmail component in IceWarp Server 11.3.1.5, there was an XSS vulnerability discovered in the "language" parameter. | 4.3 |
2017-08-31 | CVE-2016-10510 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Security component of Kohana before 3.3.6 allows remote attackers to inject arbitrary web script or HTML by bypassing the strip_image_tags protection mechanism in system/classes/Kohana/Security.php. | 4.3 |
2017-08-31 | CVE-2016-10508 | Cross-site Scripting vulnerability in PHPthumb Project PHPthumb 1.7.11/1.7.12/1.7.13 Multiple cross-site scripting (XSS) vulnerabilities in phpThumb() before 1.7.14 allow remote attackers to inject arbitrary web script or HTML via parameters in demo/phpThumb.demo.showpic.php. | 4.3 |
2017-08-31 | CVE-2017-14070 | Cross-site Scripting vulnerability in Nexusphp 1.5 Cross Site Scripting (XSS) exists in NexusPHP 1.5.beta5.20120707 via the PATH_INFO to ipsearch.php, related to PHP_SELF. | 4.3 |
2017-08-31 | CVE-2017-1447 | Cross-site Scripting vulnerability in IBM Emptoris Sourcing IBM Emptoris Sourcing 9.5 - 10.1.3 is vulnerable to cross-site scripting. | 3.5 |
2017-08-31 | CVE-2017-1444 | Cross-site Scripting vulnerability in IBM Emptoris Sourcing IBM Emptoris Sourcing 9.5 - 10.1.3 is vulnerable to cross-site scripting. | 3.5 |