Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-1000006 | Cross-site Scripting vulnerability in Plotly Plotly.Js Plotly, Inc. | 6.1 |
| 2017-07-17 | CVE-2017-1000005 | Cross-site Scripting vulnerability in PHPminiadmin Project PHPminiadmin 1.9.160930 PHPMiniAdmin version 1.9.160630 is vulnerable to stored XSS in the name of databases, tables and columns resulting in potential account takeover and scraping of data (stealing data). | 6.1 |
| 2017-07-13 | CVE-2016-8952 | Cross-site Scripting vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-13 | CVE-2016-6019 | Cross-site Scripting vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-13 | CVE-2017-11202 | Cross-site Scripting vulnerability in Finecms Project Finecms FineCMS through 2017-07-12 allows XSS in visitors.php because JavaScript in visited URLs is not restricted either during logging or during the reading of logs, a different vulnerability than CVE-2017-11180. | 6.1 |
| 2017-07-13 | CVE-2017-11201 | Cross-site Scripting vulnerability in Finecms Project Finecms application/core/controller/images.php in FineCMS through 2017-07-12 allows remote authenticated admins to conduct XSS attacks by uploading an image via a route=images action. | 5.4 |
| 2017-07-13 | CVE-2017-11198 | Cross-site Scripting vulnerability in Finecms Project Finecms Cross-site scripting (XSS) vulnerability in /application/lib/ajax/get_image.php in FineCMS through 2017-07-12 allows remote attackers to inject arbitrary web script or HTML via the folder, id, or name parameter. | 6.1 |
| 2017-07-12 | CVE-2017-11195 | Cross-site Scripting vulnerability in Pulsesecure Pulse Connect Secure 8.3R1.0 Pulse Connect Secure 8.3R1 has Reflected XSS in launchHelp.cgi. | 6.1 |
| 2017-07-12 | CVE-2017-11194 | Cross-site Scripting vulnerability in Pulsesecure Pulse Connect Secure 8.3R1.0 Pulse Connect Secure 8.3R1 has Reflected XSS in adminservercacertdetails.cgi. | 6.1 |
| 2017-07-12 | CVE-2017-1321 | Cross-site Scripting vulnerability in IBM products IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to cross-site scripting. | 6.1 |