Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-09 | CVE-2016-7823 | Cross-site Scripting vulnerability in Buffalotech Wnc01Wh Firmware 1.0.0.8 Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2017-06-09 | CVE-2016-7817 | Cross-site Scripting vulnerability in Simple Keitai Chat Project Simple Keitai Chat 2.0 Cross-site scripting vulnerability in Simple keitai chat 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-06-09 | CVE-2016-7813 | Cross-site Scripting vulnerability in Emon-Cms Deraemon-Cms Cross-site scripting vulnerability in DERAEMON-CMS version 0.8.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the parameters hostname, database and username. | 6.1 |
| 2017-06-09 | CVE-2016-7810 | Cross-site Scripting vulnerability in Corega Cg-Wlr300Nx Firmware 1.20 Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver. | 4.8 |
| 2017-06-09 | CVE-2016-7808 | Cross-site Scripting vulnerability in Corega Cg-Wlbaragm Firmware and Cg-Wlbargnl Firmware Cross-site scripting vulnerability in Corega CG-WLBARGMH and CG-WLBARGNL allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-06-09 | CVE-2016-4906 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via "Messages" function of Cybozu Garoon Keitai. | 6.1 |
| 2017-06-09 | CVE-2016-7469 | Cross-site Scripting vulnerability in F5 products A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. | 5.4 |
| 2017-06-09 | CVE-2017-9523 | Cross-site Scripting vulnerability in Sophos web Appliance The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342. | 6.1 |
| 2017-06-08 | CVE-2017-1140 | Cross-site Scripting vulnerability in IBM Business Process Manager IBM Business Process Manager 8.0 and 8.5 are vulnerable to cross-site scripting. | 5.4 |
| 2017-06-08 | CVE-2015-1588 | Cross-site Scripting vulnerability in Open-Xchange Appsuite and Open-Xchange Server Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server 6 and OX AppSuite before 7.4.2-rev43, 7.6.0-rev38, and 7.6.1-rev21. | 6.1 |