CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,293 vulnerabilities with CWE-79
CVE-2024-42749
MEDIUM
Alto CMS 1.1.13 - Cross-Site Scripting
CVSS 6.1
CVE-2024-13992
MEDIUM
Nagios XI < 2024R1.1 - Stored Cross-Site Scripting via Missing Page
CVSS 5.4
CVE-2024-14001
MEDIUM
Nagios XI < 2024R1.1.3 - Cross-Site Scripting via Executive Summary Report
CVSS 5.4
CVE-2024-14000
MEDIUM
Nagios XI < 2024R1.1.3 - Cross-Site Scripting via Capacity Planning Report
CVSS 5.4
CVE-2024-13993
MEDIUM
Nagios XI < 2024R1.1.2 - Reflected Cross-Site Scripting via Login Page
CVSS 6.1
CVE-2024-44088
MEDIUM
Apache Geode < 1.15.2 - Stored Cross-Site Scripting via REST Web API
CVSS 6.1
CVE-2024-57494
MEDIUM
Neto E-Commerce CMS 6.313.0-6.3115 - Cross-Site Scripting via kw Parameter
CVSS 6.5
CVE-2024-12796
MEDIUM
Workcube ERP V12-V14 - Reflected Cross-Site Scripting
CVSS 5.3
CVE-2024-43184
MEDIUM
IBM Jazz Foundation 7.0.2-7.0.2 iFix033, 7.0.3-7.0.3 iFix012, 7.1.0-7.1.0 iFix002 - Unauthenticated Cross-Site Scripting
CVSS 6.1
CVE-2024-13073
MEDIUM
Akinsoft TaskPano s1.06.04 - Cross-Site Scripting
CVSS 4.7
CVE-2024-13071
MEDIUM
Akinsoft e-Mutabakat <2.02.06 - XSS
CVSS 4.3
CVE-2024-13064
MEDIUM
Akinsoft MyRezzta s2.02.02-v2.05.01 - Cross-Site Scripting
CVSS 4.3
CVE-2024-51423
MEDIUM
Infor Global HR < 11.23.03.00.21 - Cross-Site Scripting via Class Parameter
CVSS 6.1
CVE-2024-12974
MEDIUM
Akinsoft ProKuafr s1.02.07-v1.02.08 - Cross-Site Scripting
CVSS 4.3
CVE-2024-12972
MEDIUM
Akinsoft OctoCloud s1.09.01-v1.11.01 - Cross-Site Scripting
CVSS 4.3
CVE-2024-12914
MEDIUM
Aknsoft QR Men s1.05.05-v1.05.12 - Cross-Site Scripting
CVSS 4.3
CVE-2024-12923
MEDIUM
QNAP Photo Station 6.4.0-6.4.4 - Authenticated Stored Cross-Site Scripting
CVSS 5.4
CVE-2024-13987
MEDIUM
Synology RADIUS Server < 3.0.27-0453 - Authenticated Cross-Site Scripting
CVSS 5.9
CVE-2024-49790
MEDIUM
IBM Watson Studio on Cloud Pak for Data 4.0-5.0 - Authenticated Stored Cross-Site Scripting
CVSS 5.4
CVE-2024-35203
MEDIUM
Mahara < 22.10.6 - Stored Cross-Site Scripting via File Upload
CVSS 6.1
CVE-2024-45753
MEDIUM
Mahara < 23.04.9 - Cross-Site Scripting via External RSS Feed Link Attribute
CVSS 6.1
CVE-2024-39923
MEDIUM
Mahara 23.04.0-23.04.7 - Stored Cross-Site Scripting in Footer Links
CVSS 6.1
CVE-2024-12223
CRITICAL
Nutanix Prism Central < 2024.3.1 - Stored Cross-Site Scripting via Events Component
CVE-2024-37945
MEDIUM
WPBITS Addons For Elementor Page Builder <1.5 - XSS
CVSS 6.5
CVE-2024-52680
MEDIUM
EyouCMS 1.6.7 - Cross-Site Scripting in /login.php
CVSS 6.1
Details
Vulnerabilities
45,293
Exploit Likelihood
High