CWE-80

High likelihood

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

Parent: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters such as "<", ">", and "&" that could be interpreted as web-scripting elements when they are sent to a downstream component that processes web pages.

517 vulnerabilities with CWE-80
CVE-2025-13505 MEDIUM
Datateam Datactive < 2.14.0.6 - Basic XSS
CVSS 4.8
CVE-2025-54057 MEDIUM
Apache Skywalking < 10.3.0 - Basic XSS
CVSS 6.1
CVE-2025-64764 HIGH
Astro < 5.15.8 - Basic XSS
CVSS 7.1
CVE-2025-58412 MEDIUM
Fortinet FortiADC <8.0.0 - XSS
CVSS 4.7
CVE-2025-11267 MEDIUM
VK All in One Expansion Unit <9.112.1 - XSS
CVSS 6.4
CVE-2025-11265 MEDIUM
VK All in One Expansion Unit <9.112.1 - XSS
CVSS 6.4
CVE-2025-8386 MEDIUM
AVEVA Application Server - Authenticated XSS via App Objects Help Files
CVSS 6.9
CVE-2025-13180 LOW
Bdtask Wholesale < 2025-10-16 - Basic XSS
CVSS 3.5
CVE-2025-13178 LOW
Bdtask Saleserp < 2025-10-24 - Basic XSS
CVSS 3.5
CVE-2025-54348 MEDIUM
Desktopalert Pingalert Application Server < 6.1.1.4 - Basic XSS
CVSS 6.5
CVE-2025-54346 HIGH
Desktopalert Pingalert Application Server < 6.1.1.4 - Basic XSS
CVSS 7.6
CVE-2025-12753 MEDIUM
Chart Expert <1.0 - XSS
CVSS 6.4
CVE-2025-11874 MEDIUM
Slippy Slider <2.0 - XSS
CVSS 5.4
CVE-2025-64187 MEDIUM
Octoprint < 1.11.4 - Basic XSS
CVSS 4.4
CVE-2025-33110 MEDIUM
IBM OpenPages <9.1-9.0 - XSS
CVSS 5.4
CVE-2025-60244 HIGH
RealMag777 TableOn <1.0.4.2 - XSS
CVSS 7.1
CVE-2025-49398 MEDIUM
Easy Appointments <= 3.12.14 - XSS
CVSS 6.5
CVE-2025-11745 MEDIUM
Ad Inserter - Ad Manager & AdSense Ads <2.8.7 - XSS
CVSS 6.4
CVE-2025-11987 MEDIUM
Visual Link Preview <2.2.7 - XSS
CVSS 6.4
CVE-2025-48884 MEDIUM
Galette <1.1.5.2 - XSS
CVSS 6.1
CVE-2025-53883 CRITICAL
Container suse/manager/5.0/x86_64/server:latest - Basic XSS
CVE-2025-39663 HIGH
Checkmk < 2.3.0 - Basic XSS
CVSS 8.4
CVE-2025-62796 MEDIUM
Privatebin < 2.0.2 - Basic XSS
CVSS 5.8
CVE-2025-36121 MEDIUM
IBM Openpages - Basic XSS
CVSS 5.4
CVE-2025-62936 MEDIUM
Jthemes xSmart <= 1.2.9.4 - Basic XSS
CVSS 4.3
Details
Vulnerabilities 517
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits