Total
26633 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-1278 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124756. | |||||
CVE-2017-14765 | 1 Genixcms | 1 Genixcms | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in a page=menus request. | |||||
CVE-2015-3169 | 1 Askbot | 1 Askbot | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in askbot 0.7.51-4.el6.noarch. | |||||
CVE-2015-6959 | 1 Vindula | 1 Vindula | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Cross-site scripting (XSS) vulnerability in Vindula 1.9. | |||||
CVE-2017-15278 | 1 Teampass | 1 Teampass | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Cross-Site Scripting (XSS) was discovered in TeamPass before 2.1.27.9. The vulnerability exists due to insufficient filtration of data (in /sources/folders.queries.php). An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | |||||
CVE-2017-1554 | 1 Ibm | 1 Infosphere Biginsights | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
IBM Infosphere BigInsights 4.2.0 and 4.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 131398. | |||||
CVE-2015-0101 | 1 Ibm | 1 Business Process Manager | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in IBM Business Process Manager Standard 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5; IBM Business Process Manager Express 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5; and IBM Business Process Manager Advanced 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5. | |||||
CVE-2017-11439 | 1 Sitecore | 1 Cms | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
In Sitecore 8.2, there is reflected XSS in the shell/Applications/Tools/Run Program parameter. | |||||
CVE-2017-16721 | 1 Geovap | 1 Reliance-scada | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
A Cross-site Scripting issue was discovered in Geovap Reliance SCADA Version 4.7.3 Update 2 and prior. This vulnerability could allow an unauthenticated attacker to inject arbitrary code. | |||||
CVE-2014-9557 | 1 Smartwebsites | 1 Smartcms | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Multiple cross-site scripting (XSS) vulnerabilities in SmartCMS v.2. | |||||
CVE-2017-1335 | 1 Ibm | 1 Rational Engineering Lifecycle Manager | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126243. | |||||
CVE-2015-2145 | 1 Phpbugtracker Project | 1 Phpbugtracker | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters. | |||||
CVE-2017-14363 | 1 Microfocus | 1 Operations Manager I | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Cross-Site Scripting (XSS) vulnerability has been identified in Micro Focus Operations Manager i, versions 10.60, 10.61, 10.62. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). | |||||
CVE-2017-8016 | 1 Emc | 1 Archer Grc Platform | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Questionnaire ID field. An authenticated attacker may potentially exploit this to execute arbitrary HTML in the user's browser session in the context of the affected RSA Archer application. | |||||
CVE-2018-5078 | 1 Advanced Real Estate Script Project | 1 Advanced Real Estate Script | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
Online Ticket Booking has XSS via the admin/eventlist.php cast parameter. | |||||
CVE-2017-6661 | 1 Cisco | 2 Content Security Management Appliance, Email Security Appliance | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka Message Tracking XSS. More Information: CSCvd30805 CSCvd34861. Known Affected Releases: 10.0.0-203 10.1.0-049. | |||||
CVE-2017-14093 | 1 Trendmicro | 1 Scanmail | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 12.0 are vulnerable to cross site scripting (XSS) attacks. | |||||
CVE-2017-14313 | 1 Shibboleth Project | 1 Shibboleth | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
The shibboleth_login_form function in shibboleth.php in the Shibboleth plugin before 1.8 for WordPress is prone to an XSS vulnerability due to improper use of add_query_arg(). | |||||
CVE-2017-1345 | 1 Ibm | 1 Insights Foundation For Energy | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
IBM Insights Foundation for Energy 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126460. | |||||
CVE-2017-1199 | 1 Ibm | 1 Infosphere Master Data Management Server | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
IBM InfoSphere Master Data Management Server 10.0, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123674. |