CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,297 vulnerabilities with CWE-79
CVE-2024-51963
MEDIUM
ArcGIS Server 10.9.1-11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51960
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51959
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51957
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51956
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51953
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51952
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51951
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51950
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51949
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51948
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51947
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51946
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51945
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51944
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-51942
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-10904
MEDIUM
ArcGIS Server < 11.3 - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2024-53384
MEDIUM
tsup 8.3.4 - Remote Code Execution via DOM Clobbering in cjs_shims.js
CVSS 5.1
CVE-2024-51091
MEDIUM
seajs 2.2.3 - Cross-Site Scripting via seajs Package
CVSS 5.4
CVE-2024-57240
MEDIUM
Apryse WebViewer < 11.1 - Cross-Site Scripting via Crafted PDF File
CVSS 5.4
CVE-2024-53388
HIGH
mavo v0.3.2 - DOM Clobbering
CVSS 8.8
CVE-2024-53387
HIGH
umeditor 1.2.3 - DOM Clobbering
CVSS 8.8
CVE-2024-54179
MEDIUM
IBM Business Automation Workflow <24.0.2 - XSS
CVSS 5.4
CVE-2024-8186
MEDIUM
GitLab 16.6-17.7.5, 17.8-17.8.3, 17.9 - Cross-Site Scripting via Child Item Search
CVSS 5.4
CVE-2024-53386
MEDIUM
stage.js < 0.8.10 - DOM Clobbering and Cross-Site Scripting via document.currentScript Shadowing
CVSS 4.9
Details
Vulnerabilities
45,297
Exploit Likelihood
High