Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-01	CVE-2017-12131	Cross-site Scripting vulnerability in Goldplugins Easy Testimonials 3.0.4 The Easy Testimonials plugin 3.0.4 for WordPress has XSS in include/settings/display.options.php, as demonstrated by the Default Testimonials Width, View More Testimonials Link, and Testimonial Excerpt Options screens. network low complexity goldplugins CWE-79	6.1
2017-08-01	CVE-2017-12068	Cross-site Scripting vulnerability in Event List Project Event List 0.7.9 The Event List plugin 0.7.9 for WordPress has XSS in the slug array parameter to wp-admin/admin.php in an el_admin_categories delete_bulk action. network low complexity event-list-project CWE-79	6.1
2017-08-01	CVE-2017-12066	Cross-site Scripting vulnerability in Cacti Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable. network low complexity cacti CWE-79	5.4
2017-07-31	CVE-2017-11727	Cross-site Scripting vulnerability in Connectwise Manage 2017.5 services/system_io/actionprocessor/Contact.rails in ConnectWise Manage 2017.5 allows arbitrary client-side JavaScript code execution (involving a ContactCommon field) on victims who click on a crafted link, aka XSS. network low complexity connectwise CWE-79	6.1
2017-07-31	CVE-2017-1496	Cross-site Scripting vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.x is vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2017-07-31	CVE-2017-1386	Weak Password Requirements vulnerability in IBM API Connect and API Management IBM API Connect 5.0.0.0 could allow a user to bypass policy restrictions and create non-compliant passwords which could be intercepted and decrypted using man in the middle techniques. network high complexity ibm CWE-521	5.9
2017-07-31	CVE-2017-1370	Information Exposure Through an Error Message vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user credentials, through an error message from the Report Builder administrator configuration page. network low complexity ibm CWE-209	4.9
2017-07-31	CVE-2017-1332	Cross-site Scripting vulnerability in IBM Inotes IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	6.1
2017-07-31	CVE-2017-1303	Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal and Web Content Manager 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	6.1
2017-07-31	CVE-2016-9719	Improper Input Validation vulnerability in IBM Infosphere Master Data Management Server IBM InfoSphere Master Data Management Server 10.1. network low complexity ibm CWE-20	5.7

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium