Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-80

CWE-80

High likelihood

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

Parent: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters such as "<", ">", and "&" that could be interpreted as web-scripting elements when they are sent to a downstream component that processes web pages.

538 vulnerabilities with CWE-80

CVE-2017-20116 LOW

TrueConf Server < 5.0.2 - Reflected Cross-Site Scripting via checked_group_id Parameter

CVE-2017-20115 LOW

TrueConf Server < 5.0.2 - Reflected Cross-Site Scripting via sort Parameter

CVE-2017-20114 LOW

TrueConf Server < 5.0.2 - Reflected Cross-Site Scripting via keys[] Parameter

CVE-2017-20113 LOW

TrueConf Server < 5.0.2 - Stored Cross-Site Scripting

CVE-2017-20108 LOW

Easy Table Plugin < 1.6 - Cross-Site Scripting via options-general.php Input

CVE-2017-20098 LOW

Admin Custom Login Plugin <2.4.5.2 - XSS

CVE-2017-20100 LOW

Air Transfer 1.0.14/1.2.1 - Cross-Site Scripting

CVE-2017-20097 LOW

WP-Filebase Download Manager Plugin <3.4.4 - XSS

CVE-2017-20096 LOW

WP-SpamFree Anti-Spam Plugin 2.1.1.4 - XSS

CVE-2017-20094 LOW

NewStatPress Plugin 1.2.4 - Stored Cross-Site Scripting

CVE-2017-20092 LOW

Google Analytics Dashboard Plugin 2.1.1 - XSS

CVE-2017-20089 LOW

Gwolle Guestbook Plugin <1.7.4 - XSS

CVE-2017-20087 LOW

Alpine PhotoTile for Instagram Plugin <1.2.7.7 - XSS

CVE-2017-20085 LOW

Atahualpa Theme - Cross-Site Scripting

CVE-2017-20061 MEDIUM

Elefant CMS < 1.3.13 - Cross-Site Scripting via Admin Extended Page Name Parameter

CVE-2017-20060 LOW

Elefant CMS < 1.3.13 - Stored Cross-Site Scripting in Blog Post Handler

CVE-2017-20059 LOW

Elefant CMS < 1.3.13 - Stored Cross-Site Scripting in Title Handler

CVE-2017-20058 MEDIUM

Elefant CMS <1.3.13 - XSS

CVE-2017-20057 MEDIUM

Elefant CMS < 1.3.13 - Stored Cross-Site Scripting via Username Parameter

CVE-2017-20056 LOW

weblizar User Login Log Plugin 2.2.1 - XSS

CVE-2017-20055 LOW

BestWebSoft Contact Form Plugin <4.0.0 - XSS

CVE-2017-20054 LOW

XYZScripts Contact Form Manager Plugin - XSS

CVE-2017-20044 MEDIUM

Navetti PricePoint 4.6.0.0 - Reflected Cross-Site Scripting

CVE-2017-20043 MEDIUM

Navetti PricePoint 4.6.0.0 - Stored Cross-Site Scripting

CVE-2017-20036 LOW

phplist 3.2.6 - Stored Cross-Site Scripting in Bounce Rule Component

Previous Page 21 of 22 Next

Details

Vulnerabilities 538

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy