Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-07-17	CVE-2017-1000065	Cross-site Scripting vulnerability in Openmediavault 2.1 Multiple Cross-site scripting (XSS) vulnerabilities in rpc.php in OpenMediaVault release 2.1 in Access Rights Management(Users) functionality allows attackers to inject arbitrary web scripts and execute malicious scripts within an authenticated client's browser. network low complexity openmediavault CWE-79	6.1
2017-07-17	CVE-2017-1000063	Cross-site Scripting vulnerability in Kitto Project Kitto 0.5.1 kittoframework kitto version 0.5.1 is vulnerable to an XSS in the 404 page resulting in information disclosure network low complexity kitto-project CWE-79	6.1
2017-07-17	CVE-2017-1000059	Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat Live Helper Chat version 2.06v and older is vulnerable to Cross-Site Scripting in the HTTP Header handling resulting in the execution of any user provided Javascript code in the session of other users. network low complexity livehelperchat CWE-79	6.1
2017-07-17	CVE-2017-1000058	Cross-site Scripting vulnerability in Chevereto Stored XSS vulnerabilities in chevereto CMS before version 3.8.11, one in the user profile and one in the Exif data parser. network low complexity chevereto CWE-79	6.1
2017-07-17	CVE-2017-1000054	Cross-site Scripting vulnerability in Rocketchat Rocket.Chat Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for messages. network low complexity rocketchat CWE-79	6.1
2017-07-17	CVE-2017-1000051	Cross-site Scripting vulnerability in Xwiki Cryptpad Cross-site scripting (XSS) vulnerability in pad export in XWiki labs CryptPad before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the pad content network low complexity xwiki CWE-79	6.1
2017-07-17	CVE-2017-1000043	Cross-site Scripting vulnerability in Mapbox Mapbox.Js Mapbox.js versions 1.x prior to 1.6.6 and 2.x prior to 2.2.4 are vulnerable to a cross-site-scripting attack in certain uncommon usage scenarios via TileJSON name and map share control network low complexity mapbox CWE-79	6.1
2017-07-17	CVE-2017-1000042	Cross-site Scripting vulnerability in Mapbox Project Mapbox Mapbox.js versions 1.x prior to 1.6.5 and 2.x prior to 2.1.7 are vulnerable to a cross-site-scripting attack in certain uncommon usage scenarios via TileJSON Name. network low complexity mapbox-project CWE-79	6.1
2017-07-17	CVE-2017-1000038	Cross-site Scripting vulnerability in Relevanssi 3.5.7.1 WordPress plugin Relevanssi version 3.5.7.1 is vulnerable to stored XSS resulting in attacker being able to execute JavaScript on the affected site network low complexity relevanssi CWE-79	6.1
2017-07-17	CVE-2017-1000035	Cross-site Scripting vulnerability in Tt-Rss Tiny RSS Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attack network low complexity tt-rss CWE-79	6.1

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium