Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-09-21 | CVE-2016-0925 | Cross-site Scripting vulnerability in EMC RSA Adaptive Authentication On-Premise 7.2 Cross-site scripting (XSS) vulnerability in the Case Management application in EMC RSA Adaptive Authentication (On-Premise) before 6.0.2.1.SP3.P4 HF210, 7.0.x and 7.1.x before 7.1.0.0.SP0.P6 HF50, and 7.2.x before 7.2.0.0.SP0.P0 HF20 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
| 2016-09-18 | CVE-2016-6404 | Cross-site Scripting vulnerability in Cisco IOS 15.5(2)T Cross-site scripting (XSS) vulnerability in the web framework in Cisco IOx Local Manager in IOS 15.5(2)T and IOS XE allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy19854. | 6.1 |
| 2016-09-18 | CVE-2016-6643 | Cross-site Scripting vulnerability in EMC Vipr SRM 3.6.0/3.6.4/3.7.1 Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2016-09-18 | CVE-2016-6641 | Cross-site Scripting vulnerability in EMC Vipr SRM 3.6.0/3.6.4/3.7.1 Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 7.6 |
| 2016-09-18 | CVE-2016-0927 | Cross-site Scripting vulnerability in Pivotal Software Cloud Foundry Elastic Runtime Cross-site scripting (XSS) vulnerability in Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2016-09-18 | CVE-2016-0926 | Cross-site Scripting vulnerability in Pivotal Software Cloud Foundry Elastic Runtime Cross-site scripting (XSS) vulnerability in Apps Manager in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.32 and 1.7.x before 1.7.8 allows remote attackers to inject arbitrary web script or HTML via unspecified input that improperly interacts with the AngularJS framework. | 6.1 |
| 2016-09-17 | CVE-2016-7419 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in share.js in the gallery application in ownCloud Server before 9.0.4 and Nextcloud Server before 9.0.52 allows remote authenticated users to inject arbitrary web script or HTML via a crafted directory name. | 5.4 |
| 2016-09-14 | CVE-2016-3379 | Cross-site Scripting vulnerability in Microsoft Exchange Server 2016 Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2016 Cumulative Update 1 and 2 allows remote attackers to inject arbitrary web script or HTML via a meeting-invitation request, aka "Microsoft Exchange Elevation of Privilege Vulnerability." | 6.1 |
| 2016-09-12 | CVE-2016-6395 | Cross-site Scripting vulnerability in Cisco Firesight System Software Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz58658. | 5.4 |
| 2016-09-12 | CVE-2016-0331 | Cross-site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 6.0.1 and 6.0.2 before 6.0.2 iFix2 and Rational Collaborative Lifecycle Management 6.0.1 and 6.0.2 before 6.0.2 iFix2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 5.4 |