CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,239 vulnerabilities with CWE-79
CVE-2025-29790
MEDIUM
Contao 4.0.0-4.13.53 and core-bundle 4.0.0-4.13.54 - Stored Cross-Site Scripting via SVG Upload
CVSS 5.4
CVE-2025-2491
LOW
Dromara ujcms 9.7.5 - Stored Cross-Site Scripting in Edit Template File Page
CVSS 2.4
CVE-2025-2490
LOW
Dromara ujcms 9.7.5 - Cross-Site Scripting via File Upload
CVSS 2.4
CVE-2025-2495
MEDIUM
Softdial Contact Center - Stored Cross-Site Scripting via XML File Upload
CVSS 5.4
CVE-2025-29429
MEDIUM
Online Class and Exam Scheduling System 1.0 - Cross-Site Scripting via id, code, and name Parameters
CVSS 6.1
CVE-2025-30143
MEDIUM
Akamai App & API Protector <2 - Code Injection
CVSS 5.4
CVE-2025-26127
MEDIUM
FileCloud 23.241.2 - Stored Cross-Site Scripting via Send for Approval Function
CVSS 5.0
CVE-2025-25612
HIGH
FS Inc S3150-8T2F <S3150-8T2F_2.2.0D_135103 - XSS
CVSS 7.1
CVE-2025-27102
MEDIUM
OBiBa Agate < 3.3.0 - Unauthenticated Stored Cross-Site Scripting via User Registration
CVE-2025-0833
HIGH
3DEXPERIENCE ENOVIA R2023x-R2024x - Stored Cross-Site Scripting in Route Management
CVSS 8.7
CVE-2025-0832
HIGH
3DEXPERIENCE ENOVIA R2022x-R2024x - Stored Cross-Site Scripting in Project Gantt
CVSS 8.7
CVE-2025-0830
HIGH
3DEXPERIENCE ENOVIA R2022x-R2024x - Stored Cross-Site Scripting in Meeting Management
CVSS 8.7
CVE-2025-0829
HIGH
3DEXPERIENCE ENOVIA R2022x-R2024x - Stored Cross-Site Scripting in 3D Markup
CVSS 8.7
CVE-2025-0828
HIGH
3DEXPERIENCE ENOVIA R2022x-R2024x - Stored Cross-Site Scripting in Engineering Release
CVSS 8.7
CVE-2025-0827
HIGH
3DSwymer 3DEXPERIENCE R2022x-R2024x - Stored Cross-Site Scripting in 3DPlay
CVSS 8.7
CVE-2025-0826
HIGH
3DEXPERIENCE ENOVIA R2022x-R2024x - Stored Cross-Site Scripting in 3D Navigate
CVSS 8.7
CVE-2025-0601
HIGH
ENOVIA Collaborative Industry Innovator <R2024x - XSS
CVSS 8.7
CVE-2025-0600
HIGH
ENOVIA Collaborative Industry Innovator <R2024x - XSS
CVSS 8.7
CVE-2025-0599
HIGH
ENOVIA Collaborative Industry Innovator <R2024x - XSS
CVSS 8.7
CVE-2025-0598
HIGH
ENOVIA Collaborative Industry Innovator <R2024x - XSS
CVSS 8.7
CVE-2025-0596
HIGH
ENOVIA Collaborative Industry Innovator <R2024x - XSS
CVSS 8.7
CVE-2025-0595
HIGH
3DSwymer 3DEXPERIENCE R2022x-R2024x - Stored Cross-Site Scripting in 3DDashboard
CVSS 8.7
CVE-2025-2377
LOW
SourceCodester Vehicle Management System 1.0 - Cross-Site Scripting via confirmbooking.php id Parameter
CVSS 3.5
CVE-2025-2375
LOW
PHPGurukul Human Metapneumovirus Testing Management System 1.0 - XSS via Admin Profile Email
CVSS 3.5
CVE-2025-2371
LOW
Human Metapneumovirus Testing Management System 1.0 - Cross-Site Scripting via regmobilenumber Parameter
CVSS 3.5
Details
Vulnerabilities
45,239
Exploit Likelihood
High