CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,293 vulnerabilities with CWE-79
CVE-2024-7083
LOW
Email Encoder < 2.3.4 - Admin+ Stored XSS
CVSS 3.5
CVE-2024-4867
MEDIUM
Cross-Site Scripting via Developer Portal in WSO2 API Manager Enables UI Modification and Information Retrieval
CVSS 5.4
CVE-2024-10242
MEDIUM
Reflected Cross-Site Scripting via Authentication Endpoint in WSO2 API Manager Allows UI Modification and Redirection
CVSS 6.1
CVE-2024-46879
MEDIUM
Tiki < 21.11 - Reflected Cross-Site Scripting via tiki-admin_system.php zipPath Parameter
CVSS 5.4
CVE-2024-46878
MEDIUM
Tiki < 27.1 - Cross-Site Scripting via tiki-editpage.php Page Parameter
CVSS 5.4
CVE-2024-51226
MEDIUM
Phpgurukul Vehicle Record Management System 1.0 - XSS
CVSS 6.1
CVE-2024-51225
MEDIUM
Phpgurukul Vehicle Record Management System 1.0 - XSS
CVSS 4.8
CVE-2024-51224
MEDIUM
Phpgurukul Vehicle Record Management System 1.0 - XSS
CVSS 4.8
CVE-2024-51223
MEDIUM
Phpgurukul Vehicle Record Management System 1.0 - XSS
CVSS 4.8
CVE-2024-51222
MEDIUM
Phpgurukul Vehicle Record Management System 1.0 - XSS
CVSS 4.8
CVE-2024-31119
MEDIUM
WordPress Download Special Box for Content plugin <= 1 - Cross Site Scripting (XSS) vulnerability
CVSS 5.9
CVE-2024-42210
HIGH
HCL Unica Marketing Operations v12.1.8 and lower is affected by a Stored cross-site scripting (XSS) vulnerability
CVSS 7.6
CVE-2024-35644
MEDIUM
Preferred Languages <= 2.2.2 - DOM-Based Cross-Site Scripting
CVSS 5.9
CVE-2024-56208
MEDIUM
NewsMash <= 1.0.71 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-52387
MEDIUM
Master Addons for Elementor <=2.0.9.9.4 - XSS
CVSS 5.9
CVE-2024-51915
MEDIUM
LiteSpeed Cache <= 6.5.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-50555
MEDIUM
Elementor Website Builder <=3.29.0 - XSS
CVSS 6.5
CVE-2024-50452
MEDIUM
POSIMYTH Nexter Blocks <= 3.3.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-31088
MEDIUM
AdsPlace'r - Ad Manager, Inserter, AdSense Ads <= 1.1.5 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-30547
HIGH
Shazdeh Header Image Slider <0.4 - XSS
CVSS 7.1
CVE-2024-53735
HIGH
Corourke iPhone Webclip Manager - XSS
CVSS 7.1
CVE-2024-30461
HIGH
Tumult Hype Animations <1.9.11 - XSS
CVSS 7.1
CVE-2024-23511
MEDIUM
The Plus Addons for Elementor Page Builder Lite <= 5.3.3 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-40317
MEDIUM
MyNET < 26.08 - Reflected Cross-Site Scripting via HTTP Parameter
CVSS 6.1
CVE-2024-35322
MEDIUM
MyNET < 26.08 - Reflected Cross-Site Scripting via Ficheiro Parameter
CVSS 6.1
Details
Vulnerabilities
45,293
Exploit Likelihood
High