Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3.
CWE-79
CVE-2018-12409
The SOAP Admin API component of TIBCO Software Inc.’s TIBCO Silver Fabric contains a vulnerability that may allow reflected cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.’s TIBCO Silver Fabric: versions up to and including 5.8.1.
CVE-2018-12429
JEESNS through 1.2.1 allows XSS attacks by ordinary users who publish articles containing a crafted payload in order to capture an administrator cookie.
CVE-2018-12431
SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page).
CVE-2018-12432
JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI.
CVE-2018-1233
RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. The attackers could potentially exploit this vulnerability to execute arbitrary HTML or JavaScript code in the user’s browser session in the context of the affected website.
