Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-10-19 | CVE-2014-6100 | Cross-Site Scripting vulnerability in IBM Security Directory Server and Tivoli Directory Server Cross-site scripting (XSS) vulnerability in the Admin UI in IBM Tivoli Directory Server 6.1 before 6.1.0.64-ISS-ITDS-IF0064, 6.2 before 6.2.0.39-ISS-ITDS-FP0039, and 6.3 before 6.3.0.33-ISS-ITDS-IF0033, and IBM Security Directory Server 6.3.1 before 6.3.1.7-ISS-ISDS-IF0007, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2014-10-19 | CVE-2014-5331 | Cross-Site Scripting vulnerability in Aptana Aflax 1.0 Cross-site scripting (XSS) vulnerability in Aflax allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-10-19 | CVE-2014-5330 | Cross-Site Scripting vulnerability in Birdblog Cross-site scripting (XSS) vulnerability in BirdBlog allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-10-19 | CVE-2014-4838 | Cross-Site Scripting vulnerability in IBM Tririga Application Platform Cross-site scripting (XSS) vulnerability in GanttProjectSchedulerPopup.jsp in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2014-10-19 | CVE-2014-4837 | Cross-Site Scripting vulnerability in IBM Tririga Application Platform Cross-site scripting (XSS) vulnerability in NewDocument.jsp in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2014-10-19 | CVE-2014-4836 | Cross-Site Scripting vulnerability in IBM Tririga Application Platform Cross-site scripting (XSS) vulnerability in breakOutWithName.jsp in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2014-10-19 | CVE-2014-4827 | Cross-Site Scripting vulnerability in IBM Qradar Security Information and Event Manager 7.1.0/7.2.0 Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
2014-10-19 | CVE-2014-3408 | Cross-Site Scripting vulnerability in Cisco Prime Optical 10.0 Cross-site scripting (XSS) vulnerability in the web framework in Cisco Prime Optical 10 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuq80763. | 6.8 |
2014-10-19 | CVE-2014-2647 | Cross-Site Scripting vulnerability in HP Operations Agent Cross-site scripting (XSS) vulnerability in HP Operations Agent in HP Operations Manager (formerly OpenView Communications Broker) before 11.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-10-17 | CVE-2014-2995 | Cross-Site Scripting vulnerability in Twitget Project Twitget Multiple cross-site scripting (XSS) vulnerabilities in twitget.php in the Twitget plugin before 3.3.3 for WordPress allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors, as demonstrated by the twitget_consumer_key parameter to wp-admin/options-general.php. | 3.5 |