Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-02-06 | CVE-2016-1310 | Cross-site Scripting vulnerability in SUN Opensolaris Snv124 Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 11.5(0.199) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033. | 6.1 |
| 2016-02-06 | CVE-2016-1306 | Cross-site Scripting vulnerability in SUN Opensolaris Snv124 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Fog Director 1.0(0) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux80466. | 6.1 |
| 2016-02-06 | CVE-2015-7916 | Cross-site Scripting vulnerability in Sauter-Controls Moduweb Vision 1.5 Cross-site scripting (XSS) vulnerability in Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query. | 6.5 |
| 2016-02-03 | CVE-2015-7536 | Cross-site Scripting vulnerability in Jenkins Cross-site scripting (XSS) vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to workspaces and archived artifacts. | 5.4 |
| 2016-01-31 | CVE-2016-1941 | Cross-site Scripting vulnerability in multiple products The file-download dialog in Mozilla Firefox before 44.0 on OS X enables a certain button too quickly, which allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended. | 6.1 |
| 2016-01-31 | CVE-2016-1937 | Cross-site Scripting vulnerability in multiple products The protocol-handler dialog in Mozilla Firefox before 44.0 allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended. | 6.1 |
| 2016-01-30 | CVE-2016-1144 | Cross-site Scripting vulnerability in Websquare Job-Cube Cross-site scripting (XSS) vulnerability in JOB-CUBE -JOB WEB SYSTEM before 1.2.2 and -JOB WEB SYSTEM High Income 1.0.6 and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
| 2016-01-30 | CVE-2016-1143 | Cross-site Scripting vulnerability in Vine MV Project Vine MV 20150909 Cross-site scripting (XSS) vulnerability in main.rb in Vine MV before 2015-11-08 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2016-01-30 | CVE-2016-1136 | Cross-site Scripting vulnerability in Kddi Home Spot Cube Firmware 2.0 Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
| 2016-01-30 | CVE-2016-1488 | Cross-site Scripting vulnerability in Siemens Ozw672 Firmware and Ozw772 Firmware Cross-site scripting (XSS) vulnerability in the login form in the integrated web server on Siemens OZW OZW672 devices before 6.00 and OZW772 devices before 6.00 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 6.1 |