Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-22 | CVE-2016-9909 | Cross-site Scripting vulnerability in Html5Lib 0.99999999 The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of the < (less than) character in attribute values. | 6.1 |
| 2017-02-22 | CVE-2017-3847 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center 6.2.1 A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. | 5.4 |
| 2017-02-22 | CVE-2017-3845 | Cross-site Scripting vulnerability in Cisco Prime Collaboration Assurance 11.0.0/11.1.0/11.5.0 A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2017-02-22 | CVE-2017-3838 | Cross-site Scripting vulnerability in Cisco Secure Access Control System 5.8(2.5) A vulnerability in Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to conduct a DOM-based cross-site scripting (XSS) attack against the user of the web interface of the affected system. | 6.1 |
| 2017-02-22 | CVE-2017-3833 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager 12.0(0.99999.2) A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software. | 6.1 |
| 2017-02-22 | CVE-2017-3829 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager 11.0(1.10000.10)/11.5(1.10000.6) A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2017-02-22 | CVE-2017-3828 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager 11.0(1.10000.10)/11.5(1.10000.6) A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2017-02-22 | CVE-2017-3821 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager 10.5(2.14076.1) A vulnerability in the serviceability page of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks. | 6.1 |
| 2017-02-21 | CVE-2016-9316 | Cross-site Scripting vulnerability in Trendmicro Interscan web Security Virtual Appliance Multiple stored Cross-Site-Scripting (XSS) vulnerabilities in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allow authenticated, remote users with least privileges to inject arbitrary HTML/JavaScript code into web pages. | 5.4 |
| 2017-02-20 | CVE-2017-2361 | Cross-site Scripting vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 6.1 |