Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-10 | CVE-2016-6035 | Cross-site Scripting vulnerability in IBM Rational Quality Manager and Rational Team Concert IBM Rational Quality Manager is vulnerable to cross-site scripting. | 5.4 |
| 2017-05-10 | CVE-2016-5888 | Cross-site Scripting vulnerability in IBM Interact IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-05-10 | CVE-2016-3032 | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-05-10 | CVE-2017-8876 | Cross-site Scripting vulnerability in Getsymphony Symphony 2.6.11 Symphony 2 2.6.11 has XSS in the meta[navigation_group] parameter to content/content.blueprintssections.php. | 6.1 |
| 2017-05-09 | CVE-2016-9257 | Cross-site Scripting vulnerability in F5 Big-Ip Access Policy Manager In F5 BIG-IP APM 12.0.0 through 12.1.2, non-authenticated users may be able to inject JavaScript into a request that will then be rendered and executed in the context of the Administrative user when the Administrative user is viewing the Access System Logs, allowing the non-authenticated user to carry out a Cross Site Scripting (XSS) attack against the Administrative user. | 6.1 |
| 2017-05-08 | CVE-2017-0893 | Cross-site Scripting vulnerability in Nextcloud Server Nextcloud Server before 9.0.58 and 10.0.5 and 11.0.3 are shipping a vulnerable JavaScript library for sanitizing untrusted user-input which suffered from a XSS vulnerability caused by a behaviour change in Safari 10.1 and 10.2. | 5.4 |
| 2017-05-08 | CVE-2017-0891 | Cross-site Scripting vulnerability in Nextcloud Server Nextcloud Server before 9.0.58 and 10.0.5 and 11.0.3 are vulnerable to an inadequate escaping of error messages leading to XSS vulnerabilities in multiple components. | 5.4 |
| 2017-05-08 | CVE-2017-0890 | Cross-site Scripting vulnerability in Nextcloud Server Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. | 5.4 |
| 2017-05-08 | CVE-2017-8833 | Cross-site Scripting vulnerability in Zen-Cart ZEN Cart 1.6.0 Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. | 6.1 |
| 2017-05-08 | CVE-2017-8832 | Cross-site Scripting vulnerability in Allen Disk Project Allen Disk 1.6 Allen Disk 1.6 has XSS in the id parameter to downfile.php. | 6.1 |