Falhas do tipo CWE-80
551 resultadosCVE-2025-54789MEDIUMFiles is Vulnerable to Reflected Self-XSS through its File Move FunctionalityEPSS 0.3%CVE-2026-57533LOWMalicious HTML content could be injected into the page pretix shows when
redirection to an untrusted page occurs. Since this page has a
CoEPSS 0.2%CVE-2024-38318MEDIUMIBM Aspera Shares HTML injectionEPSS 0.2%CVE-2026-42030MEDIUMMapServer: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in OpenLayers viewerEPSS 0.2%CVE-2025-58970MEDIUMWordPress Doctreat theme <= 1.6.7 - Content Injection vulnerabilityEPSS 0.2%CVE-2024-49337MEDIUMIBM OpenPages HTML injectionEPSS 0.2%CVE-2025-12803MEDIUMBold Builder <= 5.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_tabs ShortcodeEPSS 0.2%CVE-2024-51472LOWIBM DevOps Deploy / IBM UrbanCode Deploy HTML injectionEPSS 0.2%CVE-2025-69169MEDIUMWordPress Easy Media Download plugin <= 1.1.11 - CSS Injection vulnerabilityEPSS 0.2%CVE-2024-2010HIGHReflected XSS in TE Informatics' V5 SoftwareEPSS 0.2%CVE-2026-25764LOWOpenProject vulnerable to Stored HTML injectionEPSS 0.2%CVE-2025-66486MEDIUMMultiple vulnerabilities have been addressed in IBM Aspera SharesEPSS 0.2%CVE-2025-4126MEDIUMEG-Series <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.2%CVE-2025-29427MEDIUMCode-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in profile.php via the member_first aEPSS 0.2%CVE-2025-64637MEDIUMWordPress Auros Core plugin <= 5.3.1 - Content Injection vulnerabilityEPSS 0.2%CVE-2025-62936MEDIUMWordPress xSmart theme <= 1.2.9.4 - Content Injection vulnerabilityEPSS 0.2%CVE-2026-20047MEDIUMCisco Identity Services Engine Cross-Site Scripting VulnerabilityEPSS 0.2%CVE-2025-3521MEDIUMTeam Members – Best WordPress Team Plugin with Team Slider, Team Showcase & Team Builder <= 3.4.1 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-61583MEDIUMTS3 Manager is vulnerable to unauthenticated reflected XSS attack due to insecure error handlingEPSS 0.2%CVE-2025-64633MEDIUMWordPress Norebro Extra plugin <= 1.6.8 - Content Injection vulnerabilityEPSS 0.2%