Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-28 | CVE-2014-9469 | Cross-site Scripting vulnerability in Vbulletin Cross-site scripting (XSS) vulnerability in vBulletin 3.5.4, 3.6.0, 3.6.7, 3.8.7, 4.2.2, 5.0.5, and 5.1.3. | 4.3 |
| 2017-08-28 | CVE-2014-8753 | Cross-site Scripting vulnerability in Cit-E-Net Cit-E-Access 6.0 Multiple cross-site scripting (XSS) vulnerabilities in Cit-e-Net Cit-e-Access 6. | 4.3 |
| 2017-08-28 | CVE-2014-4925 | Cross-site Scripting vulnerability in Good for Enterprise 1.9.0.40/2.8.0.398 Cross-site scripting (XSS) vulnerability in Good for Enterprise for Android 2.8.0.398 and 1.9.0.40. | 4.3 |
| 2017-08-28 | CVE-2014-0141 | Cross-site Scripting vulnerability in Redhat Satellite 6.0.3 Cross-site scripting (XSS) vulnerability in Red Hat Satellite 6.0.3. | 4.3 |
| 2017-08-25 | CVE-2015-3257 | Cross-site Scripting vulnerability in Zend Diactoros Zend/Diactoros/Uri::filterPath in zend-diactoros before 1.0.4 does not properly sanitize path input, which allows remote attackers to perform cross-site scripting (XSS) or open redirect attacks. | 4.3 |
| 2017-08-25 | CVE-2017-13697 | Cross-site Scripting vulnerability in Finecms Project Finecms 5.0.11 controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable. | 4.3 |
| 2017-08-24 | CVE-2015-4699 | Cross-site Scripting vulnerability in Cloud4Wi Splash Portal 5.9.6 Cross-site scripting (XSS) vulnerability in the Splash Portal in Cloud4Wi before 5.9.7 allows remote attackers to inject arbitrary web script or HTML via the recoveryMessage parameter to the default URI. | 4.3 |
| 2017-08-24 | CVE-2017-9555 | Cross-site Scripting vulnerability in Synology Photo Station Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.0-3414 allows remote attackers to inject arbitrary web script or HTML via the image parameter. | 3.5 |
| 2017-08-24 | CVE-2017-13671 | Cross-site Scripting vulnerability in Misp app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. | 4.3 |
| 2017-08-24 | CVE-2017-12879 | Cross-site Scripting vulnerability in Paessler Prtg Network Monitor Cross-site scripting (XSS-STORED) vulnerability in the DEVICES OR SENSORS functionality in Paessler PRTG Network Monitor before 17.3.33.2654 allows authenticated remote attackers to inject arbitrary web script or HTML. | 3.5 |