Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-07 | CVE-2017-2222 | Cross-site Scripting vulnerability in Butlerblog Wp-Members 3.1.7 Cross-site scripting vulnerability in WP-Members prior to version 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2216 | Cross-site Scripting vulnerability in Wpdownloadmanager Wordpress Download Manager Cross-site scripting vulnerability in WordPress Download Manager prior to version 2.9.50 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2194 | Cross-site Scripting vulnerability in IPA Icodechecker Cross-site scripting vulnerability in Source code security studying tool iCodeChecker allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2172 | Cross-site Scripting vulnerability in Cybozu Kunai Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2146 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 allows remote attackers to inject arbitrary web script or HTML via application menu. | 4.8 |
| 2017-07-06 | CVE-2017-10967 | Cross-site Scripting vulnerability in Finecms Project Finecms In FineCMS before 2017-07-06, application\core\controller\config.php allows XSS in the (1) key_name, (2) key_value, and (3) meaning parameters. | 6.1 |
| 2017-07-06 | CVE-2017-10975 | Cross-site Scripting vulnerability in Lutim Project Lutim Cross-site scripting (XSS) vulnerability in Lutim before 0.8 might allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is mishandled in an upload notification and in the myfiles component, if the attacker can convince the victim to proceed with an upload despite the appearance of an XSS payload in the filename. | 6.1 |
| 2017-07-06 | CVE-2017-10970 | Cross-site Scripting vulnerability in Cacti 1.1.12 Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error function in lib/html_validate.php. | 5.4 |
| 2017-07-05 | CVE-2017-1096 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-05 | CVE-2016-9989 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |