Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-29 | CVE-2017-9298 | Cross-site Scripting vulnerability in Hitachi Device Manager Cross-site scripting vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to execute arbitrary JavaScript code. | 5.4 |
| 2017-05-29 | CVE-2017-9292 | Cross-site Scripting vulnerability in Lansweeper Lansweeper before 6.0.0.65 has XSS in an image retrieval URI, aka Bug 542782. | 6.1 |
| 2017-05-29 | CVE-2017-9289 | Cross-site Scripting vulnerability in Note Project Note Bram Korsten Note through 1.2.0 is vulnerable to a reflected XSS in note-source\ui\editor.php (edit parameter). | 6.1 |
| 2017-05-29 | CVE-2017-9288 | Cross-site Scripting vulnerability in Raygun Raygun4Wp 1.8.0 The Raygun4WP plugin 1.8.0 for WordPress is vulnerable to a reflected XSS in sendtesterror.php (backurl parameter). | 6.1 |
| 2017-05-28 | CVE-2017-9252 | Cross-site Scripting vulnerability in Finecms Project Finecms andrzuk/FineCMS through 2017-05-28 is vulnerable to a reflected XSS in the search page via the text-search parameter to index.php in a route=search action. | 6.1 |
| 2017-05-28 | CVE-2017-9251 | Cross-site Scripting vulnerability in Finecms Project Finecms andrzuk/FineCMS through 2017-05-28 is vulnerable to a reflected XSS in the sitename parameter to admin.php. | 6.1 |
| 2017-05-28 | CVE-2017-9249 | Cross-site Scripting vulnerability in Allen Disk Project Allen Disk 1.6 Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows remote authenticated users to inject arbitrary web script or HTML persistently by uploading a crafted HTML file. | 5.4 |
| 2017-05-28 | CVE-2017-9243 | Cross-site Scripting vulnerability in Aries Networks Qwr-1104 Wireless-N Router Firmware Wrc.253.2.0913 Aries QWR-1104 Wireless-N Router with Firmware Version WRC.253.2.0913 has XSS on the Wireless Site Survey page, exploitable with the name of an access point. | 6.1 |
| 2017-05-28 | CVE-2017-7296 | Cross-site Scripting vulnerability in Contiki-Os Contiki 3.0 An issue was discovered in Contiki Operating System 3.0. | 6.1 |
| 2017-05-27 | CVE-2017-7339 | Cross-site Scripting vulnerability in Fortinet Fortiportal A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the 'Name' and 'Description' inputs in the 'Add Revision Backup' functionality. | 6.1 |