Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-06-16 | CVE-2016-4159 | Cross-site Scripting vulnerability in Adobe Coldfusion 10.0/11.0/2016 Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 20, 11 before Update 9, and 2016 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2016-06-16 | CVE-2016-3212 | Cross-site Scripting vulnerability in Microsoft Internet Explorer 10/11/9 The XSS Filter in Microsoft Internet Explorer 9 through 11 does not properly identify JavaScript, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, aka "Internet Explorer XSS Filter Vulnerability." | 6.1 |
| 2016-06-13 | CVE-2016-3670 | Cross-site Scripting vulnerability in Liferay Portal Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field. | 6.1 |
| 2016-06-08 | CVE-2016-4363 | Cross-site Scripting vulnerability in HP Insight Control Server Deployment HPE Insight Control server deployment allows remote attackers to modify data via unspecified vectors. | 6.1 |
| 2016-06-08 | CVE-2016-2078 | Cross-site Scripting vulnerability in VMWare Vcenter Server Cross-site scripting (XSS) vulnerability in the Web Client in VMware vCenter Server 5.1 before update 3d, 5.5 before update 3d, and 6.0 before update 2 on Windows allows remote attackers to inject arbitrary web script or HTML via the flashvars parameter. | 6.1 |
| 2016-06-05 | CVE-2016-1230 | Cross-site Scripting vulnerability in NTT Webarena Service Formmail 2.2.0 Cross-site scripting (XSS) vulnerability in NTT PC Communications WebARENA Service formmail before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2016-06-05 | CVE-2016-1229 | Cross-site Scripting vulnerability in Humhub 0.20.0/0.20.1/1.0.0 Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 through 0.20.1 and 1.0.0-beta before 1.0.0-beta.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
| 2016-06-05 | CVE-2016-1222 | Cross-site Scripting vulnerability in Kobe-Beauty PHP-Contact-Form Cross-site scripting (XSS) vulnerability in Kobe Beauty php-contact-form before 2016-05-18 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. | 6.1 |
| 2016-06-04 | CVE-2016-4812 | Cross-site Scripting vulnerability in Markdown on Saved Improved Project Markdown on Saved Improved 2.5 Cross-site scripting (XSS) vulnerability in the Markdown on Save Improved plugin before 2.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2016-06-04 | CVE-2016-1211 | Cross-site Scripting vulnerability in Epoch web Mailing List 0.31 Cross-site scripting (XSS) vulnerability in Epoch Web Mailing List 0.31 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |