Falhas do tipo CWE-79
25.980 resultadosCVE-2021-21029MEDIUMMagento Commerce Reflected Cross-site Scripting Vulnerability Could Lead To Arbitrary JavaScript ExecutionEPSS 84.7%CVE-2021-41174MEDIUMXSS vulnerability allowing arbitrary JavaScript executionEPSS 84.6%CVE-2022-2753—Ketchup Restaurant Reservations <= 1.0.0 - Unauthenticated Stored XSSEPSS 84.1%CVE-2020-11023MEDIUMPotential XSS vulnerability in jQueryEPSS 83.8%KEVCVE-2022-30690CRITICALA cross-site scripting (xss) vulnerability exists in the image403 functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A speciaEPSS 83.6%CVE-2023-23074MEDIUMCross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via embedding videos in the language component.EPSS 83.6%CVE-2023-3388HIGHBeautiful Cookie Consent Banner <= 2.10.1 - Unauthenticated Stored Cross-Site ScriptingEPSS 83.6%CVE-2021-23174LOWWordPress Download Monitor plugin <= 4.4.6 - Auth. Stored Cross-Site Scripting (XSS) vulnerabilityEPSS 83.2%CVE-2023-49785CRITICALNextChat vulnerable to Server-Side Request Forgery and Cross-site ScriptingEPSS 83.2%CVE-2024-42009CRITICALA Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails ofEPSS 82.9%KEVCVE-2023-25762MEDIUMJenkins Pipeline: Build Step Plugin 2.18 and earlier does not escape job names in a JavaScript expression used in the Pipeline Snippet GenerEPSS 81.4%CVE-2022-25305HIGHWP Statistics <= 13.1.5 Unauthenticated Stored Cross-Site Scripting via IPEPSS 81.2%CVE-2023-24488MEDIUMCross site scriptingEPSS 80.9%CVE-2024-28156MEDIUMJenkins Build Monitor View Plugin 1.14-860.vd06ef2568b_3f and earlier does not escape Build Monitor View names, resulting in a stored cross-EPSS 80.0%CVE-2023-40176CRITICALSXSS in the user profile via the timezone displayerEPSS 78.9%CVE-2024-28741HIGHCross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code via the login.php coEPSS 78.2%CVE-2024-46538CRITICALA cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payloadEPSS 77.9%CVE-2024-54003HIGHJenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name, resulting in a stored cross-site scripting (XSS) vulnerability EPSS 77.5%CVE-2023-34192CRITICALCross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted scrEPSS 77.3%KEVCVE-2022-1179MEDIUMNon-Privilege User Can Created New Rule and Lead to Stored Cross Site Scripting in openemr/openemrEPSS 76.9%