Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-03-13 | CVE-2011-1396 | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allows remote attackers to inject arbitrary web script or HTML via the reportType parameter to an unspecified component. | 4.3 |
2012-03-13 | CVE-2011-1395 | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in imicon.jsp in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allows remote attackers to inject arbitrary web script or HTML via the controlid parameter. | 4.3 |
2012-03-09 | CVE-2012-0325 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0324. | 4.3 |
2012-03-09 | CVE-2012-0324 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0325. | 4.3 |
2012-03-09 | CVE-2012-0323 | Cross-Site Scripting vulnerability in Paul Lesniewsk Autocomplete Cross-site scripting (XSS) vulnerability in the Autocomplete plugin before 3.0 for SquirrelMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2012-03-09 | CVE-2011-3046 | Cross-Site Scripting vulnerability in Google Chrome The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue. | 10.0 |
2012-03-08 | CVE-2012-0590 | Cross-Site Scripting vulnerability in Apple Iphone OS Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a drag-and-drop operation. | 4.3 |
2012-03-08 | CVE-2012-0589 | Cross-Site Scripting vulnerability in Apple Iphone OS Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0588. | 4.3 |
2012-03-08 | CVE-2012-0588 | Cross-Site Scripting vulnerability in Apple Iphone OS Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0589. | 4.3 |
2012-03-08 | CVE-2012-0587 | Cross-Site Scripting vulnerability in Apple Iphone OS Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589. | 4.3 |