Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-16	CVE-2016-0770	Cross-site Scripting vulnerability in Zahmit Design Connections Business Directory Plugin 8.5.8 Cross-site scripting (XSS) vulnerability in includes/admin/pages/manage.php in the Connections Business Directory plugin before 8.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s variable. network low complexity zahmit-design CWE-79	6.1
2017-03-16	CVE-2017-6061	Cross-site Scripting vulnerability in SAP Businessobjects Financial Consolidation 10.0.0.1933 Cross-site scripting (XSS) vulnerability in the help component of SAP BusinessObjects Financial Consolidation 10.0.0.1933 allows remote attackers to inject arbitrary web script or HTML via a GET request. network low complexity sap CWE-79	4.7
2017-03-15	CVE-2016-7103	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. network low complexity jqueryui oracle fedoraproject netapp redhat juniper debian CWE-79	6.1
2017-03-15	CVE-2017-6443	Cross-site Scripting vulnerability in Epson Tmnet Webconfig 1.00 Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the W_AD1 parameter to Forms/oadmin_1. network low complexity epson CWE-79	6.1
2017-03-15	CVE-2017-5938	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name. network low complexity debian opensuse-project opensuse viewvc CWE-79	6.1
2017-03-15	CVE-2017-5584	Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os Cross-site scripting (XSS) vulnerability in the Management Web Interface in Palo Alto Networks PAN-OS 5.1, 6.x before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. network low complexity paloaltonetworks CWE-79	5.4
2017-03-15	CVE-2017-6909	Cross-site Scripting vulnerability in Shishnet Shimmie An issue was discovered in Shimmie <= 2.5.1. network low complexity shishnet CWE-79	6.1
2017-03-15	CVE-2017-6908	Cross-site Scripting vulnerability in Concrete5 An issue was discovered in concrete5 <= 5.6.3.4. network low complexity concrete5 CWE-79	6.1
2017-03-15	CVE-2017-6907	Cross-site Scripting vulnerability in Open.Gl Project Open.Gl 20170212 An issue was discovered in Open.GL before 2017-03-13. network low complexity open-gl-project CWE-79	6.1
2017-03-15	CVE-2017-6906	Cross-site Scripting vulnerability in Siberiancms An issue was discovered in SiberianCMS before 4.10.0. network low complexity siberiancms CWE-79	6.1