CWE-79

Exploit likelihood: High

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

44,968 vulnerabilities with CWE-79
CVE-2025-50005 MEDIUM
tagDiv Composer <= 5.4.2 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-49336 MEDIUM
Pondol BBS <= 1.1.8.4 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-49249 HIGH
ApusTheme Drone <= 1.40 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49066 HIGH
LambertGroup Accordion Slider PRO - XSS
CVSS 7.1
CVE-2025-49046 HIGH
LambertGroup xPromoter <=1.3.4 - XSS
CVSS 7.1
CVE-2025-49045 HIGH
Super Interactive Maps <= 2.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49043 HIGH
LambertGroup Magic Responsive Slider & Carousel <1.6 - XSS
CVSS 7.1
CVE-2025-48094 HIGH
LambertGroup Magic Slider <=2.2 - XSS
CVSS 7.1
CVE-2025-47666 HIGH
LambertGroup Image&Video FullScreen Background - XSS
CVSS 7.1
CVE-2025-47500 MEDIUM
Benjamin Intal Stackable <3.19.5 - XSS
CVSS 5.9
CVE-2025-32123 HIGH
LambertGroup HTML5 Video Player - XSS
CVSS 7.1
CVE-2025-27005 HIGH
LambertGroup HTML5 Video Player <5.3.5 - XSS
CVSS 7.1
CVE-2025-65098 HIGH
typebot < 3.13.2 - Unauthenticated Credential Theft via Malicious Typebot Preview
CVSS 7.4
CVE-2025-67683 MEDIUM
Quick.Cart 6.7 - Reflected Cross-Site Scripting via sSort Parameter
CVSS 6.1
CVE-2025-4763 MEDIUM
Aida Computer Information Technology Inc. Hotel Guest Hotspot <2201...
CVSS 5.5
CVE-2025-27380 HIGH
Altium Enterprise Server <7.0.3 - XSS
CVSS 7.6
CVE-2025-27379 MEDIUM
Altium On-Prem Enterprise Server 7.0.3-7.0.6 - Authenticated Stored Cross-Site Scripting in BOM Viewer Description Field
CVSS 6.8
CVE-2025-57681 MEDIUM
WorklogPRO - Timesheets for Jira < 4.23.7 - Stored Cross-Site Scripting via Issue Summary Field
CVSS 5.4
CVE-2025-67263 MEDIUM
Abacre Retail Point of Sale 14.0.0.396 - Stored Cross-Site Scripting in Clients Module Name and Surname Fields
CVSS 6.1
CVE-2025-67824 MEDIUM
Jira Data Center <4.24.2-jira9,11-12 - XSS
CVSS 6.1
CVE-2025-36409 MEDIUM
IBM ApplinX 11.1 - Authenticated Stored Cross-Site Scripting
CVSS 5.4
CVE-2025-36408 MEDIUM
IBM ApplinX 11.1 - Authenticated Stored Cross-Site Scripting
CVSS 6.4
CVE-2025-36396 MEDIUM
IBM Application Gateway 23.10-25.09 - Authenticated Stored Cross-Site Scripting
CVSS 5.4
CVE-2025-36113 MEDIUM
IBM Sterling Connect:Express Adapter 5.2.0.00-5.2.0.12 Stored XSS
CVSS 5.4
CVE-2025-36066 MEDIUM
IBM Sterling Connect:Express Adapter 5.2.0.00-5.2.0.12 - Stored XSS
CVSS 6.1