Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2017-04-10 CVE-2016-5073 Cross-site Scripting vulnerability in Cloudviewnms Cloudview NMS
CloudView NMS before 2.10a has XSS via SNMP.
network
low complexity
cloudviewnms CWE-79
6.1
6.1
2017-04-10 CVE-2016-5055 Cross-site Scripting vulnerability in Osram Lightify PRO
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page.
network
low complexity
osram CWE-79
6.1
6.1
2017-04-10 CVE-2016-4318 Cross-site Scripting vulnerability in Atlassian Jira
Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name.
network
low complexity
atlassian CWE-79
4.8
4.8
2017-04-10 CVE-2016-4317 Cross-site Scripting vulnerability in Atlassian Confluence
Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page.
network
low complexity
atlassian CWE-79
5.4
5.4
2017-04-10 CVE-2015-7275 Cross-site Scripting vulnerability in Dell Integrated Remote Access Controller Firmware
Dell Integrated Remote Access Controller (iDRAC) 6 before 2.85 and 7/8 before 2.30.30.30 has XSS.
network
low complexity
dell CWE-79
6.1
6.1
2017-04-10 CVE-2015-6035 Cross-site Scripting vulnerability in Opsview
Opsview before 2015-11-06 has XSS via SNMP.
network
low complexity
opsview CWE-79
6.1
6.1
2017-04-10 CVE-2015-6027 Cross-site Scripting vulnerability in Castlerock Snmpc 12.1/9.0
Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP.
network
low complexity
castlerock CWE-79
6.1
6.1
2017-04-10 CVE-2015-6021 Cross-site Scripting vulnerability in Spiceworks Desktop
Spiceworks Desktop before 2015-12-01 has XSS via an SNMP response.
network
low complexity
spiceworks CWE-79
6.1
6.1
2017-04-10 CVE-2015-2883 Cross-site Scripting vulnerability in Philips In.Sight B12037
Philips In.Sight B120/37 has XSS, related to the Weaved cloud web service, as demonstrated by the name parameter to deviceSettings.php or shareDevice.php.
network
low complexity
philips CWE-79
5.4
5.4
2017-04-09 CVE-2017-7591 Cross-site Scripting vulnerability in Openidm Project Openidm 4.0.0/4.5.0
OpenIDM through 4.0.0 and 4.5.0 is vulnerable to reflected cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by the _sortKeys parameter to the authzRoles script under managed/user/.
network
low complexity
openidm-project CWE-79
6.1
6.1