Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-27 | CVE-2017-7271 | Cross-site Scripting vulnerability in YII Software YII 2.0.10 Reflected Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen. | 6.1 |
| 2017-03-27 | CVE-2015-8010 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi. | 6.1 |
| 2017-03-27 | CVE-2017-6878 | Cross-site Scripting vulnerability in Metinfo 5.3.15 Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remote authenticated users to inject arbitrary web script or HTML via the name_2 parameter to admin/column/delete.php. | 5.4 |
| 2017-03-27 | CVE-2015-8310 | Cross-site Scripting vulnerability in Fomori Cherrymusic 0.35.2 Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to inject arbitrary web script or HTML via the playlistname field when creating a new playlist. | 5.4 |
| 2017-03-27 | CVE-2017-6067 | Cross-site Scripting vulnerability in Getsymphony Symphony 2.6.9 Symphony 2.6.9 has XSS in publish/notes/edit/##/saved/ via the bottom form field. | 6.1 |
| 2017-03-27 | CVE-2017-6003 | Cross-site Scripting vulnerability in Dotcms 3.7.0 dotCMS 3.7.0 has XSS reachable from ext/languages_manager/edit_language in portal/layout via the bottom two form fields. | 6.1 |
| 2017-03-26 | CVE-2017-2645 | Cross-site Scripting vulnerability in Moodle In Moodle 3.x, XSS can occur via attachments to evidence of prior learning. | 6.1 |
| 2017-03-26 | CVE-2017-2644 | Cross-site Scripting vulnerability in Moodle In Moodle 3.x, XSS can occur via evidence of prior learning. | 6.1 |
| 2017-03-24 | CVE-2017-7257 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.1.6 XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_content parameter. | 5.4 |
| 2017-03-24 | CVE-2017-7256 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.1.6 XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_summary parameter. | 5.4 |