Fallos del tipo CWE-80
552 resultadosCVE-2026-27166MEDIUMDiscourse vulnerable to HTML injection via prohibited iframe URLsEPSS 0.2%CVE-2026-25054HIGHn8n is Vulnerable to Stored Cross-Site Scripting via Markdown Rendering in Workflow UIEPSS 0.2%CVE-2026-27578HIGHn8n Vulnerable to Stored XSS via Various NodesEPSS 0.2%CVE-2025-27514MEDIUMGLPI is susceptible to Stored XSS attack through project's kanbanEPSS 0.2%CVE-2026-40875HIGHmailcow: dockerized vulnerable to stored XSS in user login history real_ripEPSS 0.2%CVE-2026-41575MEDIUMth30d4y/IP: DOM-Based Cross-Site Scripting (XSS) VulnerabilityEPSS 0.2%CVE-2026-39839MEDIUMStored XSS through URLs in Cargo's map formatEPSS 0.2%CVE-2025-10128MEDIUMEulerpool Research Systems <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2026-39425MEDIUMMaxKB: Stored XSS via Unsanitized html_rander Tags in Markdown RenderingEPSS 0.2%CVE-2026-44839MEDIUMRabbitMQ: Unsanitized vhost names allow for XSS in management UIEPSS 0.2%CVE-2025-31604MEDIUMWordPress Cal.com plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-31075MEDIUMWordPress MicroPayments plugin <= 2.9.29 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-22402LOWDell Update Manager Plugin, version(s) 1.5.0 through 1.6.0, contain(s) an Improper Neutralization of Script-Related HTML Tags in a Web Page EPSS 0.2%CVE-2025-59540MEDIUMChamilo: Stored Cross-Site Scripting (XSS) in Chamilo LMS Exercise FeedbackEPSS 0.2%CVE-2025-27358MEDIUMWordPress Frontend File Manager plugin <= 23.6 - Content Injection vulnerabilityEPSS 0.2%CVE-2026-50146HIGHAstro: Reflected XSS via unescaped slot nameEPSS 0.2%CVE-2025-13505MEDIUMStored XSS in Datateam's DatactiveEPSS 0.2%CVE-2026-33657MEDIUMEspoCRM: Stored HTML injection in email notifications about stream notes via unescaped post fieldEPSS 0.2%CVE-2025-6247MEDIUMWordPress Automatic Plugin - AI content generator and auto poster plugin <= 3.118.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-66450HIGHLibreChat JSON Injection in Chat POST Allows Remote Resource Inclusion and PXSS via Image UploadEPSS 0.2%