タイプ別 CVE リスト:XSS(公開年で絞り込み)

XSS に分類される脆弱性に紐づく CVE を、公開年で絞り込みます。一覧は新しい公開が上に来る並びで、CVSS / EPSS のリスク指標でもさらに絞り込めます。

直近の脆弱性公開や傾向を押さえ、セキュリティチームが高リスクな事象や悪用の可能性を素早く把握するためのビューです。

2017 年に公開され、XSS に分類される CVE を表示しています。 CVE の一覧へ

CVSS スコア
表示中 120 / 1483
«« 先頭 « 前へ 1 / 75 次へ »
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2017-18004 Zurmo 3.2.3 allows XSS via the latitude or longitude parameter to maps/default/mapAndPoint. 5.4 0.63% 2017-12-31 2026-06-16
CVE-2016-10704 Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have XSS via e-mail templates that are mishandled during a preview, aka APPSEC-1503. 6.1 0.64% 2017-12-30 2026-06-16
CVE-2017-17089 custom/run.cgi in Webmin before 1.870 allows remote authenticated administrators to conduct XSS attacks via the description field in the custom command functionality. 4.8 0.83% 2017-12-30 2026-06-16
CVE-2017-12813 PHPJabbers File Sharing Script 1.0 has stored XSS in the comments section. 6.1 0.63% 2017-12-30 2026-06-16
CVE-2017-12812 PHPJabbers Night Club Booking Software has stored XSS in the name parameter in the reservations tab. 6.1 0.63% 2017-12-30 2026-06-16
CVE-2017-12811 PHPJabbers Star Rating Script 4.0 has stored XSS via a rating item. 6.1 0.63% 2017-12-30 2026-06-16
CVE-2017-12810 PHPJabbers PHP Newsletter Script 4.2 has stored XSS in lists in the admin panel. 6.1 0.63% 2017-12-30 2026-06-16
CVE-2017-17995 Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request. 5.4 0.54% 2017-12-29 2026-06-16
CVE-2017-17994 Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request. 5.4 0.54% 2017-12-29 2026-06-16
CVE-2017-17993 Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request. 5.4 0.54% 2017-12-29 2026-06-16
CVE-2017-17991 Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request. 5.4 0.54% 2017-12-29 2026-06-16
CVE-2017-17989 Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action. 5.4 0.54% 2017-12-29 2026-06-16
CVE-2017-17988 PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/event_add.php event_title parameter. 4.8 0.49% 2017-12-29 2026-06-16
CVE-2017-17986 PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/caste_view.php comm_id parameter. 4.8 0.49% 2017-12-29 2026-06-16
CVE-2017-17985 PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/state_view.php cou_id parameter. 4.8 0.49% 2017-12-29 2026-06-16
CVE-2017-17984 PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/event_edit.php edit_id parameter. 4.8 0.49% 2017-12-29 2026-06-16
CVE-2017-17981 PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/slider_edit.php edit_id parameter. 5.4 0.49% 2017-12-29 2026-06-16
CVE-2017-17971 The test_sql_and_script_inject function in htdocs/main.inc.php in Dolibarr ERP/CRM 6.0.4 blocks some event attributes but neither onclick nor onscroll, which allows XSS. 6.1 1.01% 2017-12-29 2026-06-16
CVE-2017-17933 cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or 9021) in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter. 6.1 0.94% 2017-12-29 2026-06-16
CVE-2017-16876 Cross-site scripting (XSS) vulnerability in the _keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument. 6.1 2.20% 2017-12-29 2026-06-16
«« 先頭 « 前へ 1 / 75 次へ »
cvelogic Threat Intelligence