Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-05-11 | CVE-2016-1113 | Cross-site Scripting vulnerability in Adobe Coldfusion 10.0/11.0/2016 Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2016-05-10 | CVE-2016-4561 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the cgierror function in CGI.pm in ikiwiki before 3.20160506 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving an error message. | 6.1 |
2016-05-07 | CVE-2016-2350 | Cross-site Scripting vulnerability in Accellion File Transfer Appliance 80540/911200/911210 Multiple cross-site scripting (XSS) vulnerabilities on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) getimageajax.php, (2) move_partition_frame.html, or (3) wmInfo.html. | 6.1 |
2016-05-07 | CVE-2016-2011 | Cross-site Scripting vulnerability in HP Network Node Manager I Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2010. | 5.4 |
2016-05-07 | CVE-2016-2010 | Cross-site Scripting vulnerability in HP Network Node Manager I Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2011. | 5.4 |
2016-05-07 | CVE-2016-0901 | Cross-site Scripting vulnerability in EMC RSA Authentication Manager 7.1/8.0/8.1 Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-0900. | 6.1 |
2016-05-07 | CVE-2016-0900 | Cross-site Scripting vulnerability in EMC RSA Authentication Manager 7.1/8.0/8.1 Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-0901. | 6.1 |
2016-05-03 | CVE-2016-0892 | Cross-site Scripting vulnerability in EMC RSA Data Loss Prevention Cross-site scripting (XSS) vulnerability in EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2016-04-28 | CVE-2016-1205 | Cross-site Scripting vulnerability in Shiro8 products Cross-site scripting (XSS) vulnerability in the shiro8 (1) category_freearea_ addition_plugin plugin 1.0 and (2) itemdetail_freearea_ addition_plugin plugin 1.0 for EC-CUBE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2016-04-22 | CVE-2016-3126 | Cross-site Scripting vulnerability in Blackberry Enterprise Server Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 6.1 |