Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-28 | CVE-2016-5005 | Cross-site Scripting vulnerability in Apache Archiva Cross-site scripting (XSS) vulnerability in Apache Archiva 1.3.9 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML via the connector.sourceRepoId parameter to admin/addProxyConnector_commit.action. | 4.8 |
| 2016-07-28 | CVE-2016-1462 | Cross-site Scripting vulnerability in Cisco Prime Service Catalog 11.0Base Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Prime Service Catalog (PSC) 11.0 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCuz63795. | 6.1 |
| 2016-07-22 | CVE-2016-6204 | Cross-site Scripting vulnerability in Siemens Sinema Remote Connect Server 1.0/1.1 Cross-site scripting (XSS) vulnerability in the integrated web server in Siemens SINEMA Remote Connect Server before 1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 6.1 |
| 2016-07-22 | CVE-2016-4651 | Cross-site Scripting vulnerability in Apple Iphone OS Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP/0.9 response, related to a "cross-protocol cross-site scripting (XPXSS)" vulnerability. | 6.1 |
| 2016-07-22 | CVE-2016-4585 | Cross-site Scripting vulnerability in Apple Webkit Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari. | 6.1 |
| 2016-07-15 | CVE-2016-5660 | Cross-site Scripting vulnerability in Accela Civic Platform Cross-site scripting (XSS) vulnerability in AttachmentsList.aspx in Accela Civic Platform Citizen Access portal allows remote attackers to inject arbitrary web script or HTML via the iframeid parameter. | 6.1 |
| 2016-07-15 | CVE-2016-0269 | Cross-site Scripting vulnerability in IBM Bigfix Platform Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 9.x before 9.1.8 and 9.2.x before 9.2.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 5.4 |
| 2016-07-15 | CVE-2016-1451 | Cross-site Scripting vulnerability in Cisco Meeting Server 1.7Base/1.8Base/1.9Base Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922. | 6.1 |
| 2016-07-15 | CVE-2016-1449 | Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39 Cross-site scripting (XSS) vulnerability in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy92711. | 6.1 |
| 2016-07-15 | CVE-2016-1447 | Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39 Cross-site scripting (XSS) vulnerability in the administrator interface in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuy83194. | 6.1 |