The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a wpfc_save_timeout_pages action.
CWE-79
CVE-2018-17587
AirTies Air 5750 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
CVE-2018-17588
AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
CVE-2018-17589
AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
CVE-2018-1759
IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148613.
CVE-2018-17590
AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.