Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2017-07-17 CVE-2017-1000043 Cross-site Scripting vulnerability in Mapbox Mapbox.Js
Mapbox.js versions 1.x prior to 1.6.6 and 2.x prior to 2.2.4 are vulnerable to a cross-site-scripting attack in certain uncommon usage scenarios via TileJSON name and map share control
network
low complexity
mapbox CWE-79
6.1
6.1
2017-07-17 CVE-2017-1000042 Cross-site Scripting vulnerability in Mapbox Project Mapbox
Mapbox.js versions 1.x prior to 1.6.5 and 2.x prior to 2.1.7 are vulnerable to a cross-site-scripting attack in certain uncommon usage scenarios via TileJSON Name.
network
low complexity
mapbox-project CWE-79
6.1
6.1
2017-07-17 CVE-2017-1000038 Cross-site Scripting vulnerability in Relevanssi 3.5.7.1
WordPress plugin Relevanssi version 3.5.7.1 is vulnerable to stored XSS resulting in attacker being able to execute JavaScript on the affected site
network
low complexity
relevanssi CWE-79
6.1
6.1
2017-07-17 CVE-2017-1000035 Cross-site Scripting vulnerability in Tt-Rss Tiny RSS
Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attack
network
low complexity
tt-rss CWE-79
6.1
6.1
2017-07-17 CVE-2017-1000033 Cross-site Scripting vulnerability in Vospari Forms Project Vospari Forms
Wordpress Plugin Vospari Forms version < 1.4 is vulnerable to a reflected cross site scripting in the form submission resulting in javascript code execution in the context on the current user.
network
low complexity
vospari-forms-project CWE-79
6.1
6.1
2017-07-17 CVE-2017-1000032 Cross-site Scripting vulnerability in Cacti 0.8.8B
Cross-Site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parent_id parameter to tree.php and drp_action parameter to data_sources.php.
network
low complexity
cacti CWE-79
6.1
6.1
2017-07-17 CVE-2017-1000023 Cross-site Scripting vulnerability in Logicaldoc
LogicalDoc Community Edition 7.5.3 and prior is vulnerable to an XSS when using preview on HTML document.
network
low complexity
logicaldoc CWE-79
5.4
5.4
2017-07-17 CVE-2017-1000015 Cross-site Scripting vulnerability in PHPmyadmin
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters
network
low complexity
phpmyadmin CWE-79
6.1
6.1
2017-07-17 CVE-2017-1000012 Cross-site Scripting vulnerability in Mysqldumper 1.24
MySQL Dumper version 1.24 is vulnerable to stored XSS when displaying the data in the database to the user
network
low complexity
mysqldumper CWE-79
6.1
6.1
2017-07-17 CVE-2017-1000011 Cross-site Scripting vulnerability in Mywebsql 3.6
MyWebSQL version 3.6 is vulnerable to stored XSS in the database manager component resulting in account takeover or stealing of information
network
low complexity
mywebsql CWE-79
6.1
6.1