CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,114 vulnerabilities with CWE-79
CVE-2025-59982
MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Dashboard Search Field
CVSS 6.1
CVE-2025-59981
MEDIUM
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting via Device Template Definition Page
CVSS 6.1
CVE-2025-59978
CRITICAL
Juniper Junos Space < 24.1R4 - Stored Cross-Site Scripting
CVSS 9.0
CVE-2025-61532
MEDIUM
SVX Portal 2.7A - Cross-Site Scripting via TG Parameter on last_heard_page.php
CVSS 6.1
CVE-2025-60302
MEDIUM
code-projects Client Details System 1.0 - XSS
CVSS 6.1
CVE-2025-59974
HIGH
Juniper Space Security Director < 24.1R4 - Stored Cross-Site Scripting
CVSS 8.4
CVE-2025-56683
CRITICAL
Logseq v0.10.9 - Stored Cross-Site Scripting via Marketplace README.md File
CVSS 9.6
CVE-2025-10240
HIGH
Flowmon < 12.5.5 - Cross-Site Request Forgery
CVSS 8.8
CVE-2025-9371
MEDIUM
Betheme <= 28.1.6 - Authenticated Stored Cross-Site Scripting via Page Title Parameter
CVSS 6.4
CVE-2025-11512
MEDIUM
code-projects Voting System 1.0 - Cross-Site Scripting via Firstname/Lastname/Platform Parameters
CVSS 4.3
CVE-2025-61788
MEDIUM
Opencast < 17.8 and 18.2 - Authenticated Stored Cross-Site Scripting in Paella Player Metadata
CVSS 5.4
CVE-2025-11485
LOW
Student Grades Management System 1.0 - Cross-Site Scripting via Manage Users Page
CVSS 2.4
CVE-2025-60318
MEDIUM
SourceCodester Pet Grooming Mgmt <1.0 - XSS
CVSS 6.1
CVE-2025-60313
MEDIUM
Sourcecodester Link Status Checker 1.0 - XSS
CVSS 6.1
CVE-2025-43771
MEDIUM
Liferay Portal 7.4.3.102-7.4.3.111 & DXP 2023.Q3.1-2023.Q3.10, 2023.Q4.0-2023.Q4.5 - Stored XSS in Notifications Widget
CVSS 5.4
CVE-2025-61183
MEDIUM
vaahcms 2.3.1 - Cross-Site Scripting via UserBase.php storeAvatar() Upload Method
CVSS 6.1
CVE-2025-60314
MEDIUM
Configuroweb Sistema Web de Inventario 1.0 - XSS
CVSS 5.4
CVE-2025-43830
MEDIUM
Liferay Portal 7.3.2-7.4.3.111 & DXP Stored XSS in Forms Rich Text Field
CVSS 6.1
CVE-2025-43829
MEDIUM
Liferay DXP 2023.Q3.1-2023.Q3.8 - Stored Cross-Site Scripting via SVG File Upload
CVSS 5.4
CVE-2025-60299
MEDIUM
novel-plus 5.2.0 - Authenticated Stored Cross-Site Scripting via Book Comment Reply
CVSS 5.4
CVE-2025-60298
MEDIUM
novel-plus < 5.2.4 - Authenticated Stored Cross-Site Scripting via /author/updateIndexName
CVSS 5.4
CVE-2025-43821
MEDIUM
Liferay DXP 2023.Q3.1-2023.Q3.8 - Stored Cross-Site Scripting in Commerce Product Comparison Table Widget
CVSS 5.4
CVE-2025-11437
LOW
JhumanJ OpnForm < 1.9.3 - Cross-Site Scripting in Form Editor
CVSS 2.4
CVE-2025-11435
MEDIUM
JhumanJ OpnForm < 1.9.3 - Cross-Site Scripting in /show/submissions
CVSS 4.3
CVE-2025-11433
LOW
itsourcecode Leave Management System 1.0 - XSS
CVSS 3.5
Details
Vulnerabilities
45,114
Exploit Likelihood
High