CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

44,966 vulnerabilities with CWE-79
CVE-2025-41065 MEDIUM
LUNA 7.5.5.6 - Stored Cross-Site Scripting via Edit Batch Name Function
CVE-2025-8461 HIGH
Seres Software syWEB <03022026 - XSS
CVSS 7.6
CVE-2025-8456 HIGH
Kod8 Software Technologies Trade Ltd. Co. - XSS
CVSS 7.6
CVE-2025-8589 HIGH
AKCE Software Technology R&D Industry and Trade Inc. SKSPro <7.01.2...
CVSS 7.6
CVE-2025-14274 MEDIUM
Unlimited Elements for Elementor <2.0.1 - XSS
CVSS 5.4
CVE-2025-67483 MEDIUM
MediaWiki < 1.43.6, 1.44.3, 1.45.1 - Cross-Site Scripting in Page Preview
CVSS 6.1
CVE-2025-67481 MEDIUM
MediaWiki < 1.39.16, 1.43.6, 1.44.3, 1.45.1 - Cross-Site Scripting in mediawiki.JqueryMsg.Js
CVSS 6.1
CVE-2025-67477 MEDIUM
MediaWiki < 1.44.3, 1.45.1 - Cross-Site Scripting in ApiSandboxLayout.Js
CVSS 6.1
CVE-2025-67475 MEDIUM
MediaWiki < 1.39.16, 1.43.6, 1.44.3, 1.45.1 - Cross-Site Scripting in CommentParser
CVSS 6.1
CVE-2025-61657 NONE
Wikimedia Foundation Vector <1.43.4-1.44.1 - XSS
CVE-2025-61656 MEDIUM
VisualEditor < 1.39.14, 1.43.4, 1.44.1 - Cross-Site Scripting in Clipboard Handler
CVSS 6.1
CVE-2025-61655 MEDIUM
Wikimedia Foundation VisualEditor < 1.39.14, 1.43.4, 1.44.1 - Cross-Site Scripting in Save Dialog
CVSS 6.1
CVE-2025-61651 MEDIUM
Wikimedia Foundation CheckUser <1.44.1 - XSS
CVSS 6.1
CVE-2025-61650 LOW
Wikimedia Foundation CheckUser <795bf333272206a0189050d975e94b70eb7...
CVE-2025-61648 MEDIUM
Wikimedia Foundation CheckUser <1.44.1 - XSS
CVSS 6.1
CVE-2025-61645 MEDIUM
MediaWiki < 1.44.1 - Cross-Site Scripting in CodexTablePager
CVSS 6.1
CVE-2025-11261 MEDIUM
MediaWiki < 1.39.15, 1.43.5, 1.44.2 - Cross-Site Scripting in mediawiki.Language.Js
CVSS 6.1
CVE-2025-61644 NONE
MediaWiki <fb856ce9cf121e046305116852cca4899 - XSS
CVE-2025-61642 MEDIUM
MediaWiki < 1.39.14, 1.43.4, 1.44.1 - Cross-Site Scripting in HTMLForm Code
CVSS 6.1
CVE-2025-61640 MEDIUM
MediaWiki < 1.39.14, 1.43.4, 1.44.1 - Cross-Site Scripting in RclToOrFromWidget
CVSS 4.8
CVE-2025-61638 MEDIUM
MediaWiki <1.39.14, 1.43.4, 1.44.1 - XSS
CVSS 4.8
CVE-2025-61637 MEDIUM
MediaWiki < 1.39.14, 1.43.4, 1.44.1 - Cross-Site Scripting in Edit Preview
CVSS 4.8
CVE-2025-61636 MEDIUM
MediaWiki < 1.39.14, 1.43.4, 1.44.1 - Cross-Site Scripting in HTMLButtonField
CVSS 4.8
CVE-2025-70960 MEDIUM
Tendenci CMS 15.3.7 - Stored Cross-Site Scripting in Forums Module
CVSS 5.4
CVE-2025-70959 MEDIUM
Tendenci CMS 15.3.7 - Stored Cross-Site Scripting in Jobs Module
CVSS 5.4
Details
Vulnerabilities 44,966
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits