CVE-2017-1000078 CVSS:4.3
Linux foundation ONOS 1.9 is vulnerable to XSS in the device registration (Last Update:2017-07-19) (Publish Update:2017-07-17)
CVE-2017-1000065 CVSS:4.3
Multiple Cross-site scripting (XSS) vulnerabilities in rpc.php in OpenMediaVault release 2.1 in Access Rights Management(Users) functionality allows attackers to inject arbitrary web scripts and execute malicious scripts within an authenticated client's browser. (Last Update:2017-07-21) (Publish Update:2017-07-17)
CVE-2017-1000063 CVSS:4.3
kittoframework kitto version 0.5.1 is vulnerable to an XSS in the 404 page resulting in information disclosure (Last Update:2017-07-19) (Publish Update:2017-07-17)
CVE-2017-1000059 CVSS:4.3
Live Helper Chat version 2.06v and older is vulnerable to Cross-Site Scripting in the HTTP Header handling resulting in the execution of any user provided Javascript code in the session of other users. (Last Update:2017-07-20) (Publish Update:2017-07-17)
CVE-2017-1000058 CVSS:4.3
Stored XSS in chevereto CMS before version 3.8.11 (Last Update:2017-07-20) (Publish Update:2017-07-17)
CVE-2017-1000057 CVSS:4.3
A reflected cross-site scripting vulnerability in GetSimple CMS version 3.3.13 and earlier, allow remote attackers to inject arbitrary JavaScript in the URL-field for the administrative login page (/admin/index.php). (Last Update:2017-07-21) (Publish Update:2017-07-17)
CVE-2017-1000054 CVSS:4.3
Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for messages. (Last Update:2017-07-19) (Publish Update:2017-07-17)
CVE-2017-1000051 CVSS:4.3
Cross-site scripting (XSS) vulnerability in pad export in XWiki labs CryptPad before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the pad content (Last Update:2017-07-20) (Publish Update:2017-07-17)
CVE-2017-1000049 CVSS:4.3
Roundcube Webmail 1.1.5 is vulnerable to Persistent Xss (Last Update:2017-07-19) (Publish Update:2017-07-17)
CVE-2017-1000043 CVSS:4.3
Mapbox.js versions 1.x prior to 1.6.6 and 2.x prior to 2.2.4 are vulnerable to a cross-site-scripting attack in certain uncommon usage scenarios via TileJSON name and map share control (Last Update:2017-07-20) (Publish Update:2017-07-17)
Click here for a complete list of security vulnerabilities. This vulnerability list widget is provided by