CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
44,966 vulnerabilities with CWE-79
CVE-2025-69242
MEDIUM
Reflected XSS in Raytha CMS
CVSS 6.1
CVE-2025-69241
MEDIUM
Stored XSS in Raytha CMS
CVSS 5.4
CVE-2025-69237
MEDIUM
Stored XSS in Raytha CMS
CVSS 5.4
CVE-2025-69236
MEDIUM
Stored XSS in Raytha CMS
CVSS 5.4
CVE-2025-14504
MEDIUM
IBM Sterling B2B Integrator 6.1.0.0-6.1.2.7_2 - XSS
CVSS 5.4
CVE-2025-13702
MEDIUM
IBM Sterling Partner Engagement Manager 6.2.3.0-6.2.3.5/6.2.4.0-6.2.4.2 - XSS
CVSS 6.1
CVE-2025-12454
MEDIUM
OpenText Vertica 10.0-10.X, 11.0-11.X, 12.0-12.X, 23.0-23.X, 24.0-24.X, 25.1.0-25.1.X - Reflected Cross-Site Scripting
CVSS 6.1
CVE-2025-12453
MEDIUM
OpenText Vertica 10.0-25.3.X - Reflected XSS
CVSS 6.1
CVE-2025-12473
MEDIUM
RTMKit WordPress Plugin <=1.6.8 - XSS
CVSS 6.1
CVE-2025-70128
MEDIUM
PluXml < 5.8.22 - Stored Cross-Site Scripting in Article Comments Link Field
CVSS 6.1
CVE-2025-36226
MEDIUM
IBM Aspera Faspex 5.0.0-5.0.14.3 - XSS
CVSS 5.4
CVE-2025-70025
MEDIUM
generatedata 4.0.14 - Cross-Site Scripting
CVSS 6.1
CVE-2025-53608
MEDIUM
FortiSandbox 4.0.0-4.4.7, 5.0.0-5.0.2 - Authenticated Cross-Site Scripting
CVSS 4.8
CVE-2025-13902
MEDIUM
Web Server - Cross-Site Scripting
CVSS 5.4
CVE-2025-36173
MEDIUM
InfoSphere Data Architect 9.2.1 - Info Disclosure
CVSS 6.1
CVE-2025-70038
HIGH
linagora Twake v2023.Q1.1223 - Cross-Site Scripting
CVSS 8.8
CVE-2025-70033
MEDIUM
Sunbird-Ed SunbirdEd-portal 1.13.4 - XSS
CVSS 5.4
CVE-2025-70060
MEDIUM
YMFE yapi 1.12.0 - Cross-Site Scripting
CVSS 5.4
CVE-2025-40638
MEDIUM
Eventobot - Reflected Cross-Site Scripting via Name Parameter in Search Results
CVSS 6.1
CVE-2025-59543
CRITICAL
Chamilo LMS < 1.11.34 - Authenticated Stored Cross-Site Scripting via Course Description Field
CVSS 9.0
CVE-2025-59542
CRITICAL
Chamilo LMS < 1.11.34 - Authenticated Stored Cross-Site Scripting via Course Learning Path Settings
CVSS 9.0
CVE-2025-59540
MEDIUM
Chamilo LMS < 1.11.34 - Stored Cross-Site Scripting in Exercise History Feedback
CVSS 5.4
CVE-2025-55289
HIGH
Chamilo LMS < 1.11.34 - Stored Cross-Site Scripting in Social Network and Messaging Features
CVSS 8.8
CVE-2025-55208
CRITICAL
Chamilo LMS < 1.11.34 - Stored Cross-Site Scripting via Social Networks File Upload
CVSS 9.0
CVE-2025-69343
MEDIUM
Theater for WordPress <= 0.19 - Stored Cross-Site Scripting
CVSS 6.5
Details
Vulnerabilities
44,966
Exploit Likelihood
High