CWE-80

High likelihood

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

Parent: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters such as "<", ">", and "&" that could be interpreted as web-scripting elements when they are sent to a downstream component that processes web pages.

517 vulnerabilities with CWE-80
CVE-2025-62897 MEDIUM
Brecht WP Recipe Maker <10.1.1 - Basic XSS
CVSS 5.3
CVE-2025-11823 MEDIUM
Hasthemes Shoplentor < 3.2.5 - Basic XSS
CVSS 6.4
CVE-2025-11992 MEDIUM
Multi Item Responsive Slider <1.0 - CSRF
CVSS 6.1
CVE-2025-58970 MEDIUM
AmentoTech Doctreat <=1.6.7 - Code Injection
CVSS 6.3
CVE-2025-11966 MEDIUM
Eclipse Vert.x < 4.5.22 - Basic XSS
CVSS 6.4
CVE-2025-62418 MEDIUM
Webkul Bagisto < 2.3.8 - Basic XSS
CVSS 6.9
CVE-2025-62415 MEDIUM
Webkul Bagisto < 2.3.8 - Basic XSS
CVSS 6.9
CVE-2025-62414 MEDIUM
Webkul Bagisto < 2.3.8 - Basic XSS
CVSS 6.9
CVE-2025-0277 MEDIUM
HCL BigFix Mobile <3.3 - XSS
CVSS 6.5
CVE-2025-0276 MEDIUM
HCL BigFix MCM <3.3 - XSS
CVSS 6.5
CVE-2025-11161 MEDIUM
WPBakery Page Builder <8.6.1 - XSS
CVSS 6.4
CVE-2025-11160 MEDIUM
WPBakery Page Builder <8.6.1 - XSS
CVSS 6.4
CVE-2025-62172 HIGH
Pypi Homeassistant < 2025.10.2 - Basic XSS
CVE-2025-31992 MEDIUM
HCL Unica MaxAI Assistant - XSS
CVSS 4.6
CVE-2025-10496 HIGH
Cookie Notice & Consent <1.6.5 - XSS
CVSS 7.2
CVE-2025-52654 MEDIUM
Hcltech Dryice Myxalytics - Basic XSS
CVSS 4.6
CVE-2025-11241 MEDIUM
Yoast SEO Premium <25.9 - XSS
CVSS 6.4
CVE-2025-61583 MEDIUM
TS3 Manager <2.2.2 - XSS
CVSS 4.3
CVE-2025-58054 LOW
Discourse < 3.5.0 - Basic XSS
CVSS 3.5
CVE-2025-10128 MEDIUM
Eulerpool Research Systems <4.0.1 - XSS
CVSS 6.4
CVE-2025-60100 MEDIUM
8theme XStore <9.5.3 - Basic XSS
CVSS 5.3
CVE-2025-59573 MEDIUM
CozyBlocks <2.1.29 - Code Injection
CVSS 5.3
CVE-2025-57928 MEDIUM
Strategy11 Team AWP Classifieds <4.3.5 - Basic XSS
CVSS 5.3
CVE-2025-10125 MEDIUM
Memberlite Shortcodes <1.4 - XSS
CVSS 6.4
CVE-2025-58430 MEDIUM
listmonk <1.1.0 - CSRF
CVSS 6.1
Details
Vulnerabilities 517
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits