Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-29 | CVE-2016-2979 | Cross-site Scripting vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site scripting. | 3.5 |
2017-08-29 | CVE-2016-2973 | Cross-site Scripting vulnerability in IBM Sametime IBM Sametime Media Services 8.5.2 and 9.0 is vulnerable to cross-site scripting. | 3.5 |
2017-08-29 | CVE-2017-12856 | Cross-site Scripting vulnerability in C.P.Sub Project C.P.Sub 5.2 Cross-site scripting (XSS) vulnerability in C.P.Sub 5.2 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter to index.php. | 4.3 |
2017-08-29 | CVE-2015-6942 | Cross-site Scripting vulnerability in Coremail XT 3.0 Cross-site scripting (XSS) vulnerability in Coremail XT3.0 allows remote attackers to inject arbitrary web script or HTML via a hyperlink in a document attachment. | 4.3 |
2017-08-29 | CVE-2015-6588 | Cross-site Scripting vulnerability in Modx Revolution Cross-site scripting (XSS) vulnerability in login-fsp.html in MODX Revolution before 1.9.1 allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING. | 4.3 |
2017-08-29 | CVE-2017-2257 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via mail function. | 4.3 |
2017-08-29 | CVE-2017-2256 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Memo". | 3.5 |
2017-08-29 | CVE-2017-2255 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Space". | 3.5 |
2017-08-29 | CVE-2017-10840 | Cross-site Scripting vulnerability in Webcalendar Project Webcalendar 1.2.7 Cross-site scripting vulnerability in WebCalendar 1.2.7 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2017-08-29 | CVE-2017-10838 | Cross-site Scripting vulnerability in Seopanel SEO Panel 3.3.1/3.4.0/3.5.0 Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |