CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,298 vulnerabilities with CWE-79
CVE-2024-13352
HIGH
Legull < 1.2.2 - Reflected Cross-Site Scripting via Unsanitized Parameter
CVSS 7.1
CVE-2024-48589
MEDIUM
phpABook 0.9 - Cross-Site Scripting via rol Parameter
CVSS 6.3
CVE-2024-52892
MEDIUM
IBM Jazz for Service Management 1.1.3-1.1.3.23 - Unauthenticated Stored Cross-Site Scripting
CVSS 6.1
CVE-2024-57599
MEDIUM
DouPHP 1.8 Release 20231203 - Cross-Site Scripting via Description Parameter in Article Admin Page
CVSS 4.8
CVE-2024-57428
CRITICAL
PHPJabbers Cinema Booking System v2.0 - Stored Cross-Site Scripting via File Upload and Seat Configuration Fields
CVSS 9.3
CVE-2024-57427
MEDIUM
PHPJabbers Cinema Booking System 2.0 - Reflected Cross-Site Scripting
CVSS 6.1
CVE-2024-39272
CRITICAL
ClearML Enterprise Server 3.22.5-1533 - Cross-Site Scripting in Dataset Upload Functionality
CVSS 9.0
CVE-2024-49793
MEDIUM
IBM ApplinX 11.1 - Authenticated Stored Cross-Site Scripting
CVSS 5.4
CVE-2024-49792
MEDIUM
IBM ApplinX 11.1 - Authenticated Stored Cross-Site Scripting
CVSS 5.4
CVE-2024-49791
MEDIUM
IBM ApplinX 11.1 - Authenticated Stored Cross-Site Scripting
CVSS 6.4
CVE-2024-56472
MEDIUM
IBM Aspera Shares <1.10.0 PL6 - XSS
CVSS 6.4
CVE-2024-38318
MEDIUM
IBM Aspera Shares <1.9.0-1.10.0 PL6 - XSS
CVSS 4.8
CVE-2024-38317
MEDIUM
IBM Aspera Shares <1.10.0 PL6 - XSS
CVSS 4.8
CVE-2024-54853
MEDIUM
Skybox Change Manager <13.2.170 - XSS
CVSS 5.4
CVE-2024-52365
MEDIUM
IBM Cloud Pak for Business Automation <22.0.2 - XSS
CVSS 6.4
CVE-2024-52364
MEDIUM
IBM Cloud Pak for Business Automation <22.0.2 - XSS
CVSS 5.4
CVE-2024-53966
MEDIUM
Adobe Experience Manager <6.5.21 - XSS
CVSS 5.4
CVE-2024-53965
MEDIUM
Adobe Experience Manager <6.5.21 - XSS
CVSS 5.4
CVE-2024-53964
MEDIUM
Adobe Experience Manager <6.5.21 - XSS
CVSS 5.4
CVE-2024-53963
MEDIUM
Adobe Experience Manager <6.5.21 - XSS
CVSS 5.4
CVE-2024-53962
MEDIUM
Adobe Experience Manager <6.5.21 - XSS
CVSS 5.4
CVE-2024-53266
MEDIUM
Discourse - Cross-Site Scripting in User Profile Activity Streams
CVSS 4.3
CVE-2024-13722
MEDIUM
NagVis 1.9.40-1.9.41 and Checkmk 2.3.0p2-2.3.0p9 - Reflected Cross-Site Scripting
CVSS 5.4
CVE-2024-56328
MEDIUM
Discourse - Stored Cross-Site Scripting via Malicious Onebox URL
CVSS 6.5
CVE-2024-40700
MEDIUM
IBM Security Verify Access Appliance and Container <10.0.9 - XSS
CVSS 6.1
Details
Vulnerabilities
45,298
Exploit Likelihood
High