CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,147 vulnerabilities with CWE-79
CVE-2025-49575
MEDIUM
citizen < 3.3.1 - Stored Cross-Site Scripting via CommandPaletteFooter System Messages
CVSS 6.5
CVE-2025-49185
MEDIUM
SICK Field Analytics - Stored Cross-Site Scripting via Dashboard Widget Transform Function
CVSS 5.5
CVE-2025-2254
HIGH
GitLab 17.9-17.10.8, 17.11-17.11.4, 18.0-18.0.2 - Cross-Site Scripting in Snippet Viewer
CVSS 8.7
CVE-2025-5301
MEDIUM
OnlyOffice Docs (DocumentServer) <= 8.3.1 - Reflected Cross-Site Scripting via WOPI Protocol
CVSS 6.1
CVE-2025-32465
HIGH
RSTickets! component for Joomla 1.9.12-3.3.0 - Stored Cross-Site Scripting
CVE-2025-0917
MEDIUM
IBM Cognos Analytics 11.2.0-11.2.4, 12.0.0-12.0.4 - Stored Cross-Site Scripting
CVSS 5.5
CVE-2025-48447
HIGH
Drupal Lightgallery < 1.6.0 - Cross-Site Scripting
CVSS 7.1
CVE-2025-5144
MEDIUM
The Events Calendar <= 6.13.2 - Authenticated Stored Cross-Site Scripting via Data-Date Parameters
CVSS 6.4
CVE-2025-3302
HIGH
Xagio SEO - AI Powered SEO <7.1.0.16 - XSS
CVSS 7.2
CVE-2025-4666
MEDIUM
Zotpress <= 7.3.15 - Authenticated Stored Cross-Site Scripting via Nickname Parameter
CVSS 6.4
CVE-2025-5984
LOW
Online Student Clearance System 1.0 - Cross-Site Scripting via txtamt Parameter
CVSS 3.5
CVE-2025-47117
MEDIUM
Adobe Experience Manager < 6.5.23.0 and < 2025.5.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-47116
MEDIUM
Adobe Experience Manager < 6.5.23.0 and < 2025.5.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-47115
MEDIUM
Adobe Experience Manager < 6.5.23.0 and < 2025.5.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-47114
MEDIUM
Adobe Experience Manager < 6.5.23.0 and < 2025.5.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-47113
MEDIUM
Adobe Experience Manager < 6.5.23.0 and < 2025.5.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-47094
MEDIUM
Adobe Experience Manager < 6.5.23.0 and < 2025.5.0 - Reflected Cross-Site Scripting
CVSS 6.1
CVE-2025-47093
MEDIUM
Adobe Experience Manager < 6.5.23.0 and < 2025.5.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-47092
MEDIUM
Adobe Experience Manager < 6.5.23.0 and < 2025.5.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-47091
MEDIUM
Adobe Experience Manager < 6.5.23.0 and < 2025.5.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-47090
MEDIUM
Adobe Experience Manager < 6.5.23.0 and < 2025.5.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-47089
MEDIUM
Adobe Experience Manager < 6.5.23.0 and < 2025.5.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-47088
MEDIUM
Adobe Experience Manager < 6.5.23.0 and < 2025.5.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-47087
MEDIUM
Adobe Experience Manager < 6.5.23.0 and < 2025.5.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-47086
MEDIUM
Adobe Experience Manager < 6.5.23.0 and < 2025.5.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
Details
Vulnerabilities
45,147
Exploit Likelihood
High