CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,157 vulnerabilities with CWE-79
CVE-2025-5127
LOW
FLIR AX8 Firmware 1.46.0-1.46.16 - Cross-Site Scripting via /prod.php cmd Parameter
CVSS 3.5
CVE-2025-4223
MEDIUM
Page Builder: Pagelayer < 2.0.0 - Reflected Cross-Site Scripting via Login URL Parameter
CVSS 4.7
CVE-2025-5055
MEDIUM
Smart Forms < 2.6.98 - Authenticated Stored Cross-Site Scripting via Admin Settings
CVSS 4.4
CVE-2025-3869
MEDIUM
4stats <= 2.0.9 - Cross-Site Request Forgery and Stored Cross-Site Scripting via Missing Nonce Validation
CVSS 6.1
CVE-2025-44998
MEDIUM
TinyFileManager 2.4.7 - Stored Cross-Site Scripting via js-theme-3 Parameter
CVSS 6.1
CVE-2025-48378
MEDIUM
DNN <9.13.9 - Cross-Site Scripting
CVSS 5.4
CVE-2025-48377
MEDIUM
DNN <9.13.9 - Cross-Site Scripting
CVSS 5.4
CVE-2025-43860
HIGH
OpenEMR < 7.0.3.4 - Authenticated Stored Cross-Site Scripting via Patient Demographics Address Fields
CVSS 7.6
CVE-2025-32794
HIGH
OpenEMR < 7.0.3.4 - Authenticated Stored Cross-Site Scripting via Patient Name Fields
CVSS 7.6
CVE-2025-48286
HIGH
catkin ReDi Restaurant Reservation <24.1209 - XSS
CVSS 7.1
CVE-2025-48245
HIGH
fullworks Quick Contact Form <8.2.1 - XSS
CVSS 7.1
CVE-2025-48241
HIGH
Verge3D <= 4.9.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-47680
HIGH
Michel - xiligroup dev xili-tidy-tags <1.12.06 - XSS
CVSS 7.1
CVE-2025-47678
HIGH
FunnelCockpit <= 1.4.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-47673
HIGH
Arconix Shortcodes <= 2.1.16 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-47618
HIGH
BMI Adult & Kid Calculator <1.2.2 - XSS
CVSS 7.1
CVE-2025-47613
HIGH
Mojoomla School Management <92.0.0 - XSS
CVSS 7.1
CVE-2025-47611
HIGH
Khaled User Meta <= 3.1.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-47458
HIGH
B2i Investor Tools <= 1.0.7.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-46537
HIGH
Section Widget <= 3.3.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-46526
HIGH
My Custom Widgets <= 2.0.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-46518
MEDIUM
phpaddicted IGIT Related Posts With Thumb Image After Posts <4.5.3 ...
CVSS 6.5
CVE-2025-46515
HIGH
M A Vinoth Kumar Category Widget <2.0.2 - XSS
CVSS 7.1
CVE-2025-46493
MEDIUM
Wordwebsoftware Crossword Compiler Puzzles <5.3 - XSS
CVSS 6.5
CVE-2025-46487
HIGH
sftranna EC Authorize.net <0.3.3 - XSS
CVSS 7.1
Details
Vulnerabilities
45,157
Exploit Likelihood
High