Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2017-07-17	CVE-2017-2337	Cross-site Scripting vulnerability in Juniper Screenos 6.3.0 A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. network low complexity juniper CWE-79	5.4
2017-07-17	CVE-2017-2336	Cross-site Scripting vulnerability in Juniper Screenos 6.3.0 A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator. network low complexity juniper CWE-79	5.4
2017-07-17	CVE-2017-2335	Cross-site Scripting vulnerability in Juniper Screenos 6.3.0 A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. network low complexity juniper CWE-79	5.4
2017-07-17	CVE-2017-1000078	Cross-site Scripting vulnerability in Onosproject Onos 1.8.0/1.9.0 Linux foundation ONOS 1.9 is vulnerable to XSS in the device. network low complexity onosproject CWE-79	6.1
2017-07-17	CVE-2017-1000065	Cross-site Scripting vulnerability in Openmediavault 2.1 Multiple Cross-site scripting (XSS) vulnerabilities in rpc.php in OpenMediaVault release 2.1 in Access Rights Management(Users) functionality allows attackers to inject arbitrary web scripts and execute malicious scripts within an authenticated client's browser. network low complexity openmediavault CWE-79	6.1
2017-07-17	CVE-2017-1000063	Cross-site Scripting vulnerability in Kitto Project Kitto 0.5.1 kittoframework kitto version 0.5.1 is vulnerable to an XSS in the 404 page resulting in information disclosure network low complexity kitto-project CWE-79	6.1
2017-07-17	CVE-2017-1000059	Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat Live Helper Chat version 2.06v and older is vulnerable to Cross-Site Scripting in the HTTP Header handling resulting in the execution of any user provided Javascript code in the session of other users. network low complexity livehelperchat CWE-79	6.1
2017-07-17	CVE-2017-1000058	Cross-site Scripting vulnerability in Chevereto Stored XSS vulnerabilities in chevereto CMS before version 3.8.11, one in the user profile and one in the Exif data parser. network low complexity chevereto CWE-79	6.1
2017-07-17	CVE-2017-1000054	Cross-site Scripting vulnerability in Rocketchat Rocket.Chat Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for messages. network low complexity rocketchat CWE-79	6.1
2017-07-17	CVE-2017-1000051	Cross-site Scripting vulnerability in Xwiki Cryptpad Cross-site scripting (XSS) vulnerability in pad export in XWiki labs CryptPad before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the pad content network low complexity xwiki CWE-79	6.1