CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,293 vulnerabilities with CWE-79
CVE-2025-0458
MEDIUM
Virtual Computer Vysual RH Solution 2024.12.1 - XSS
CVSS 4.3
CVE-2025-23038
MEDIUM
WeGIA < 3.2.6 - Stored Cross-Site Scripting via remuneracao.php descricao Parameter
CVSS 5.4
CVE-2025-23037
MEDIUM
WeGIA < 3.2.6 - Stored Cross-Site Scripting via control.php cargo Parameter
CVSS 5.4
CVE-2025-23036
MEDIUM
WeGIA < 3.2.7 - Reflected Cross-Site Scripting via msg_e Parameter
CVSS 5.4
CVE-2025-23035
MEDIUM
WeGIA < 3.2.6 - Stored Cross-Site Scripting via tipo Parameter in adicionar_tipo_quadro_horario.php
CVSS 5.4
CVE-2025-23034
MEDIUM
WeGIA < 3.2.6 - Reflected Cross-Site Scripting via msg_e Parameter
CVSS 6.1
CVE-2025-23033
MEDIUM
WeGIA < 3.2.6 - Stored Cross-Site Scripting via adicionar_situacao.php situacao Parameter
CVSS 5.4
CVE-2025-23032
MEDIUM
WeGIA < 3.2.6 - Stored Cross-Site Scripting via escala Parameter in adicionar_escala.php
CVSS 5.4
CVE-2025-23031
MEDIUM
WeGIA < 3.2.6 - Stored Cross-Site Scripting via adicionar_alergia.php nome Parameter
CVSS 5.4
CVE-2025-23030
MEDIUM
WeGIA < 3.2.6 - Reflected Cross-Site Scripting via CPF Parameter
CVSS 6.1
CVE-2025-22619
MEDIUM
WeGIA < 3.2.6 - Reflected Cross-Site Scripting via msg_c Parameter
CVSS 6.1
CVE-2025-22618
MEDIUM
WeGIA < 3.2.6 - Stored Cross-Site Scripting via Cargo Parameter in adicionar_cargo.php
CVSS 5.4
CVE-2025-22617
MEDIUM
WeGIA < 3.2.7 - Reflected Cross-Site Scripting via socio Parameter
CVSS 6.1
CVE-2025-22616
MEDIUM
WeGIA < 3.2.6 - Stored Cross-Site Scripting via dependente_parentesco_adicionar.php descricao Parameter
CVSS 5.4
CVE-2025-22615
MEDIUM
WeGIA < 3.2.6 - Reflected Cross-Site Scripting via CPF Parameter in Cadastro_Atendido.php
CVSS 6.1
CVE-2025-22614
MEDIUM
WeGIA < 3.2.6 - Stored Cross-Site Scripting via dependente_editarInfoPessoal.php Parameters
CVSS 5.4
CVE-2025-22613
MEDIUM
WeGIA < 3.2.6 - Stored Cross-Site Scripting via informacao_adicional.php descricao Parameter
CVSS 5.4
CVE-2025-23026
MEDIUM
jte < 3.1.16 - Cross-Site Scripting via Unescaped JavaScript Template Strings
CVSS 6.1
CVE-2025-22142
MEDIUM
NamelessMC < 2.1.3 - Stored Cross-Site Scripting via Custom Profile Field
CVSS 5.4
CVE-2025-22588
HIGH
Scanventory <= 1.1.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22586
HIGH
WPEX Replace DB Urls <= 0.4.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22583
HIGH
Anshul Sojatia Scan External Links <1.0 - XSS
CVSS 7.1
CVE-2025-22576
HIGH
Site PIN <= 1.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22570
HIGH
Inline Tweets <= 2.0 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-22569
HIGH
Grandslambert Featured Page Widget <2.2 - XSS
CVSS 7.1
Details
Vulnerabilities
45,293
Exploit Likelihood
High