Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE | CVE | VULNERABILITY TITLE | RISK

2016-10-10 | CVE-2016-1000127 | Cross-site Scripting vulnerability in Ajax-Random-Post Project Ajax-Random-Post
Reflected XSS in wordpress plugin ajax-random-post v2.00
Risk: network, low complexity, ajax-random-post-project, CWE-79, 6.1

2016-10-10 | CVE-2016-1000126 | Cross-site Scripting vulnerability in Admin-Font-Editor Project Admin-Font-Editor 1.8
Reflected XSS in wordpress plugin admin-font-editor v1.8
Risk: network, low complexity, admin-font-editor-project, CWE-79, 6.1

2016-10-07 | CVE-2016-1000007 | Cross-site Scripting vulnerability in Redhat Pagure 2.2.1
Pagure 2.2.1 XSS in raw file endpoint
Risk: network, low complexity, redhat, CWE-79, 6.1

2016-10-07 | CVE-2015-7363 | Cross-site Scripting vulnerability in Fortinet Fortianalyzer Firmware and Fortimanager Firmware
Cross-site scripting (XSS) vulnerability in the advanced settings page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.3, in hardware models with a hard disk, and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.3 allows remote administrators to inject arbitrary web script or HTML via vectors related to report filters.
Risk: network, low complexity, fortinet, CWE-79, 5.4

2016-10-06 | CVE-2016-1000114 | Cross-site Scripting vulnerability in Huge-It Gallery 1.1.5
XSS in huge IT gallery v1.1.5 for Joomla
Risk: network, low complexity, huge-it, CWE-79, 6.1

2016-10-06 | CVE-2015-1000004 | Cross-site Scripting vulnerability in Filedownload Project Filedownload 1.4
XSS in filedownload v1.4 wordpress plugin
Risk: network, low complexity, filedownload-project, CWE-79, 6.1

2016-10-06 | CVE-2016-6436 | Cross-site Scripting vulnerability in Cisco Hostscan Engine
Cross-site scripting (XSS) vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682.
Risk: network, low complexity, cisco, CWE-79, 6.1

2016-10-06 | CVE-2016-6425 | Cross-site Scripting vulnerability in Cisco products
Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCuy75020 and CSCuy81652.
Risk: network, low complexity, cisco, CWE-79, 6.1

2016-10-06 | CVE-2016-6027 | Cross-site Scripting vulnerability in IBM Sterling Secure Proxy 3.4.2.0/3.4.3.0
The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information or modify data by leveraging use of HTTP.
Risk: network, low complexity, ibm, CWE-79, 6.1

2016-10-05 | CVE-2016-6418 | Cross-site Scripting vulnerability in Cisco Videoscape Distribution Suite Service Manager
Cross-site scripting (XSS) vulnerability in Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.0 through 3.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCva14552.
Risk: network, low complexity, cisco, CWE-79, 6.1