Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-11-17 | CVE-2003-0712 | Cross-Site Scripting vulnerability in Microsoft Exchange Server 5.5 Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script. | 4.3 |
| 2003-10-28 | CVE-2003-1151 | Cross-Site Scripting vulnerability in Fastream NetFile Error Message Cross-site scripting (XSS) vulnerability in Fastream NETFile Server 6.0.3.588 allows remote attackers to inject arbitrary web script or HTML via the URL, which is displayed on a "404 Not Found" error page. | 4.3 |
| 2003-10-06 | CVE-2003-0801 | Cross-Site Scripting vulnerability in Nokia Electronic Documentation 5.0 Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script. | 4.3 |
| 2003-06-16 | CVE-2003-0310 | Cross-Site Scripting vulnerability in EZ Publish 2.2 Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote attackers to insert arbitrary web script. | 6.8 |
| 2002-12-31 | CVE-2002-2424 | Cross-Site Scripting vulnerability in Ekilat LLC PHP(Reactor) 1.27Pl1 Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the style attribute of an HTML tag. | 4.3 |
| 2002-12-31 | CVE-2002-2422 | Cross-Site Scripting vulnerability in Compaq Insight Management Agent Cross-site scripting (XSS) vulnerability in Compaq Insight Management Agents 2.0, 2.1, 3.6.0, 4.2 and 4.3.7 allows remote attackers to inject arbitrary web script or HTML via a URL, which inserts the script into the resulting error message. | 4.3 |
| 2002-12-31 | CVE-2002-2418 | Cross-Site Scripting vulnerability in Acfp Project Acfreeproxy 1.33Beta7 Cross-site scripting (XSS) vulnerability in acFreeProxy (aka acFP) 1.33 beta 7 allows remote attackers to inject arbitrary web script or HTML via the URL, which is inserted into an error page. | 4.3 |
| 2002-12-31 | CVE-2002-2386 | Cross-Site Scripting vulnerability in Xoops 1.0Rc3 Cross-site scripting (XSS) vulnerability in the Quizz module for XOOPS 1.0, when allowing on-line question development, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the SRC attribute of an IMG tag. | 4.3 |
| 2002-12-31 | CVE-2002-2378 | Cross-Site Scripting vulnerability in Nakata AN Httpd 1.41D Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page. | 4.3 |
| 2002-12-31 | CVE-2002-2377 | Cross-Site Scripting vulnerability in Sephiroth32 ZAP Book 1.0.3 Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote attackers to inject arbitrary SSi directives, web script, and HTML via the entry field. | 4.3 |