Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-18 | CVE-2017-9063 | Cross-site Scripting vulnerability in multiple products In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability related to the Customizer exists, involving an invalid customization session. | 6.1 |
| 2017-05-18 | CVE-2017-9061 | Cross-site Scripting vulnerability in multiple products In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability exists when attempting to upload very large files, because the error message does not properly restrict presentation of the filename. | 6.1 |
| 2017-05-17 | CVE-2017-4011 | Cross-site Scripting vulnerability in Mcafee Network Data Loss Prevention 9.3.0 Embedding Script (XSS) in HTTP Headers vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to get session/cookie information via modification of the HTTP request. | 6.1 |
| 2017-05-17 | CVE-2015-3998 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in phpwhois 4.2.5, as used in the adsense-click-fraud-monitoring plugin 1.7.5 for WordPress, allows remote attackers to inject arbitrary web script or HTML via the query parameter to whois.php. | 6.1 |
| 2017-05-16 | CVE-2017-7953 | Cross-site Scripting vulnerability in Infor Enterprise Asset Management 11.0 INFOR EAM V11.0 Build 201410 has XSS via comment fields. | 5.4 |
| 2017-05-12 | CVE-2017-2164 | Cross-site Scripting vulnerability in N-I-Agroinformatics SOY CMS Cross-site scripting vulnerability in SOY CMS with installer 1.8.12 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-05-12 | CVE-2017-2122 | Cross-site Scripting vulnerability in Tenable Nessus Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, 6.9.0, 6.9.1 and 6.9.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
| 2017-05-12 | CVE-2016-4883 | Cross-site Scripting vulnerability in Basercms 3.0.10 Cross-site scripting vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
| 2017-05-12 | CVE-2016-4880 | Cross-site Scripting vulnerability in Basercms 3.0.10 Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
| 2017-05-12 | CVE-2016-4877 | Cross-site Scripting vulnerability in Basercms and Mail Cross-site scripting vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |