Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-06 | CVE-2017-6029 | Cross-site Scripting vulnerability in Certec EDV Gmbh Atvise Scada 2.5.10 A Cross-Site Scripting issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. | 5.4 |
| 2017-05-05 | CVE-2017-8801 | Cross-site Scripting vulnerability in Trendmicro Officescan 11.0/12.0 Trend Micro OfficeScan 11.0 before SP1 CP 6325 (with Agent Module Build before 6152) and XG before CP 1352 has XSS via a crafted URI using a blocked website. | 6.1 |
| 2017-05-05 | CVE-2016-0255 | Cross-site Scripting vulnerability in IBM Marketing Platform IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. | 6.1 |
| 2017-05-05 | CVE-2017-8795 | Cross-site Scripting vulnerability in Accellion File Transfer Appliance 80540/911200/911210 An issue was discovered on Accellion FTA devices before FTA_9_12_180. | 6.1 |
| 2017-05-05 | CVE-2017-8792 | Cross-site Scripting vulnerability in Accellion File Transfer Appliance 80540/911200/911210 An issue was discovered on Accellion FTA devices before FTA_9_12_180. | 6.1 |
| 2017-05-05 | CVE-2017-8760 | Cross-site Scripting vulnerability in Accellion File Transfer Appliance 80540/911200/911210 An issue was discovered on Accellion FTA devices before FTA_9_12_180. | 6.1 |
| 2017-05-05 | CVE-2017-8304 | Cross-site Scripting vulnerability in Accellion File Transfer Appliance 80540/911200/911210 An issue was discovered on Accellion FTA devices before FTA_9_12_180. | 6.1 |
| 2017-05-04 | CVE-2017-8778 | Cross-site Scripting vulnerability in Gitlab GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 has XSS via a SCRIPT element in an issue attachment or avatar that is an SVG document. | 6.1 |
| 2017-05-04 | CVE-2017-8780 | Cross-site Scripting vulnerability in Genixcms 1.0.2 GeniXCMS 1.0.2 has XSS triggered by a comment that is mishandled during a publish operation by an administrator, as demonstrated by a malformed P element. | 4.8 |
| 2017-05-04 | CVE-2017-8763 | Cross-site Scripting vulnerability in Telaxius Epesi Cross-site scripting (XSS) vulnerability in modules/Base/Box/check_for_new_version.php in EPESI in Telaxus/EPESI 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URI that lacks the cid parameter. | 6.1 |