CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,390 vulnerabilities with CWE-79
CVE-2024-50585 MEDIUM
Numerix License Server Administration System Login - XSS
CVSS 4.7
CVE-2024-12325 MEDIUM
Waymark <= 1.4.1 - Unauthenticated Reflected Cross-Site Scripting via Content Parameter
CVSS 6.1
CVE-2024-12283 MEDIUM
WP Pipes <= 1.4.1 - Unauthenticated Reflected Cross-Site Scripting via x1 Parameter
CVSS 6.1
CVE-2024-54133 LOW
Action Pack <7.0.8.7, <7.1.5.1, <7.2.2.1, <8.0.0.1 - XSS
CVE-2024-53960 MEDIUM
Adobe Experience Manager <6.5.21 - XSS
CVSS 5.4
CVE-2024-52993 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52992 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52991 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52865 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Authenticated Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52864 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52862 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52861 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52860 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-52859 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52858 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52857 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52855 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52854 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52853 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52852 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52851 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52850 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52849 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52848 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52847 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
Details
Vulnerabilities 45,390
Exploit Likelihood High