CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,114 vulnerabilities with CWE-79
CVE-2025-55321 CRITICAL
Azure Monitor - Cross-Site Scripting
CVSS 9.3
CVE-2025-35060 MEDIUM
Newforma Project Center < 2024.1 - Authenticated Stored Cross-Site Scripting via SVG File Upload
CVSS 5.5
CVE-2025-55200 HIGH
BigBlueButton < 3.0.13 - Stored Cross-Site Scripting via Username Field in Shared Notes
CVSS 7.1
CVE-2025-60304 MEDIUM
code-projects Simple Scheduling System 1.0 - XSS
CVSS 6.1
CVE-2025-60009 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting in CLI Configlet Page
CVSS 6.1
CVE-2025-60002 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Template Definitions Page
CVSS 6.1
CVE-2025-60001 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Generate Report Page
CVSS 6.1
CVE-2025-60000 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Generate Report Page
CVSS 6.1
CVE-2025-59999 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via API Access Profiles Page
CVSS 6.1
CVE-2025-59998 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting in Archive Log Screen
CVSS 6.1
CVE-2025-59997 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting in CLI Configlets Pages
CVSS 6.1
CVE-2025-59996 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting in Configuration View Page
CVSS 6.1
CVE-2025-59995 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Quick Template Page
CVSS 6.1
CVE-2025-59994 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Quick Template Page
CVSS 6.1
CVE-2025-59993 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Space Node Setting Fields
CVSS 6.1
CVE-2025-59992 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Secure Console Page
CVSS 6.1
CVE-2025-59991 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting in Device Management Pages
CVSS 6.1
CVE-2025-59990 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Template Creation Page
CVSS 6.1
CVE-2025-59989 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Device Discovery Page
CVSS 6.1
CVE-2025-59988 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Generate Report Page
CVSS 6.1
CVE-2025-59987 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Arbitrary Device Search Field
CVSS 6.1
CVE-2025-59986 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Model Devices Input Fields
CVSS 6.1
CVE-2025-59985 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Purging Policy Page
CVSS 6.1
CVE-2025-59984 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Global Search
CVSS 6.1
CVE-2025-59983 MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting in Template Definition Page
CVSS 6.1
Details
Vulnerabilities 45,114
Exploit Likelihood High