CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,414 vulnerabilities with CWE-79
CVE-2024-43725 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-43724 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-43723 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-43722 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-43721 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-43720 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting
CVSS 5.4
CVE-2024-43719 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-43718 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-43715 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-43714 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-43713 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-43712 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting
CVSS 5.4
CVE-2024-54049 MEDIUM
Adobe Connect < 11.4.9 - Reflected Cross-Site Scripting
CVSS 6.1
CVE-2024-54048 MEDIUM
Adobe Connect < 11.4.9 - Unauthenticated Reflected Cross-Site Scripting
CVSS 6.1
CVE-2024-54047 MEDIUM
Adobe Connect < 11.4.9 - Unauthenticated Reflected Cross-Site Scripting
CVSS 6.1
CVE-2024-54046 MEDIUM
Adobe Connect < 11.4.9 - Unauthenticated Reflected Cross-Site Scripting
CVSS 6.1
CVE-2024-54045 MEDIUM
Adobe Connect < 11.4.9 - Unauthenticated Reflected Cross-Site Scripting
CVSS 6.1
CVE-2024-54044 MEDIUM
Adobe Connect < 11.4.9 - Unauthenticated Reflected Cross-Site Scripting
CVSS 6.1
CVE-2024-54043 MEDIUM
Adobe Connect < 11.4.9 - Unauthenticated Reflected Cross-Site Scripting
CVSS 6.1
CVE-2024-54042 MEDIUM
Adobe Connect < 11.4.9 - Unauthenticated Reflected Cross-Site Scripting
CVSS 6.1
CVE-2024-54041 MEDIUM
Adobe Connect < 11.4.9 - Stored Cross-Site Scripting via Form Field Injection
CVSS 5.4
CVE-2024-54040 MEDIUM
Adobe Connect < 11.4.9 - Stored Cross-Site Scripting via Form Field Injection
CVSS 5.4
CVE-2024-54039 MEDIUM
Adobe Connect < 11.4.9 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-54037 HIGH
Adobe Connect < 11.4.9 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 8.1
CVE-2024-54036 CRITICAL
Adobe Connect < 11.4.9 - Stored Cross-Site Scripting in Form Fields
CVSS 9.3
Details
Vulnerabilities 45,414
Exploit Likelihood High