Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-05-09 | CVE-2012-2008 | Cross-Site Scripting vulnerability in HP Performance Insight Cross-site scripting (XSS) vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2012-05-03 | CVE-2012-1190 | Cross-Site Scripting vulnerability in PHPmyadmin Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name. | 4.3 |
2012-05-03 | CVE-2012-0737 | Cross-Site Scripting vulnerability in IBM Rational Appscan Cross-site scripting (XSS) vulnerability in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2012-05-02 | CVE-2012-2005 | Cross-Site Scripting vulnerability in HP Insight Management Agents Cross-site scripting (XSS) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2012-05-02 | CVE-2012-2001 | Cross-Site Scripting vulnerability in HP Snmp Agents FOR Linux Cross-site scripting (XSS) vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2012-05-02 | CVE-2011-3317 | Cross-Site Scripting vulnerability in Cisco Secure Access Control Server 5.2 Multiple cross-site scripting (XSS) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtr78192. | 4.3 |
2012-04-27 | CVE-2012-1245 | Cross-Site Scripting vulnerability in Osqa 0.9.0 Cross-site scripting (XSS) vulnerability in the cleanup_urls function in forum/utils/html.py in OSQA before 1234, and 0.9.0 Beta 3 and earlier, allows remote attackers to inject arbitrary web script or HTML via vectors related to a crafted URI. | 4.3 |
2012-04-25 | CVE-2012-0477 | Cross-Site Scripting vulnerability in Mozilla products Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) ISO-2022-KR or (2) ISO-2022-CN character set. | 4.3 |
2012-04-25 | CVE-2012-0474 | Cross-Site Scripting vulnerability in Mozilla products Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka "Universal XSS (UXSS)." | 4.3 |
2012-04-25 | CVE-2012-0471 | Cross-Site Scripting vulnerability in Mozilla products Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set. | 4.3 |