Weaknesses of type CWE-80
552 resultsCVE-2026-32732NONEXSS in @leanprover/unicode-input-componentEPSS 0.3%CVE-2026-6002HIGHHTML Injection in DivvyDrive Information Technologies' DivvyDriveEPSS 0.3%CVE-2026-40873HIGHmailcow: dockerized vulnerable to stored XSS in Quarantine attachment filenamesEPSS 0.3%CVE-2023-51308MEDIUMPHPJabbers Car Park Booking System v3.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, EPSS 0.3%CVE-2024-22277MEDIUMVMware Cloud Director Availability contains an HTML injection vulnerability.
A
malicious actor with network access to VMware Cloud DirectoEPSS 0.3%CVE-2025-53835CRITICALXWiki Rendering is vulnerable to XSS attacks through insecure XHTML syntaxEPSS 0.3%CVE-2023-29112LOWCode Injection vulnerability in SAP Application Interface Framework (Message Monitoring)EPSS 0.3%CVE-2023-29110LOWCode Injection vulnerability in SAP Application Interface Framework (Message Dashboard)EPSS 0.3%CVE-2024-13704HIGHSuper Testimonials <= 4.0.1 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.3%CVE-2024-26482HIGHAn HTML injection vulnerability exists in the Edit Content Layout module of Kirby CMS v4.1.0. NOTE: the vendor disputes the significance of EPSS 0.3%CVE-2024-54223MEDIUMWordPress ARForms plugin <= 1.7.1 - HTML Injection vulnerabilityEPSS 0.3%CVE-2025-62198MEDIUMApache Atlas: Stored XSS in Create Entity pageEPSS 0.3%CVE-2024-47782HIGHCross-site Scripting (XSS) in Special:WikiDiscover when displaying wiki information in WikiDiscoverEPSS 0.3%CVE-2023-46235MEDIUMFOG stored XSS on log screen via unsanitized request loggingEPSS 0.3%CVE-2024-20460MEDIUMCisco ATA 190 Series Analog Telephone Adapter Firmware Reflected Cross-Site Scripting VulnerabilityEPSS 0.3%CVE-2025-11241MEDIUMYoast SEO Premium 25.7-25.9 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2024-47612LOWXSS in Special:DataDump when displaying dump statusEPSS 0.3%CVE-2026-57535LOWContent injected to PDF rendering contexts could, in many places, include HTML content including <img> tags. If the src
attribute of these EPSS 0.3%CVE-2023-35006MEDIUMIBM Security ReaQta HTML injectionEPSS 0.3%CVE-2025-8029HIGHjavascript: URLs executed on object and embed tagsEPSS 0.3%