Falhas do tipo CWE-80
552 resultadosCVE-2025-20342MEDIUMCisco Integrated Management Controller Virtual Keyboard Video Monitor (vKVM) Stored Cross-Site Scripting VulnerabilityEPSS 0.2%CVE-2025-20331MEDIUMCisco Identity Services Engine Stored Cross-Site Scripting VulnerabiliyEPSS 0.2%CVE-2025-15345MEDIUMMapGeo - Interactive Geo Maps <= 1.6.27 - Reflected Cross-Site Scripting via 'map' ParameterEPSS 0.2%CVE-2025-11823MEDIUMShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution <= 3.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.2%CVE-2025-32027MEDIUMYii does not prevent XSS in scenarios where fallback error renderer is usedEPSS 0.2%CVE-2025-11265MEDIUMVK All in One Expansion Unit <= 9.112.1 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-11267MEDIUMVK All in One Expansion Unit <= 9.112.1 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-13178MEDIUMBdtask/CodeCanyon SalesERP User Profile edit_profile cross site scriptingEPSS 0.2%CVE-2025-14735MEDIUMAmazon affiliate lite Plugin <= 1.0.0 - Authenticated (Administrator+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-45160MEDIUMA HTML injection vulnerability exists in the file upload functionality of Cacti <= 1.2.29. When a file with an invalid format is uploaded, tEPSS 0.2%CVE-2025-13180MEDIUMBdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System edit_profile cross site scriptingEPSS 0.2%CVE-2025-52897MEDIUMGLPI is vulnerable to XSS and open redirection attacks through planning featureEPSS 0.2%CVE-2025-11987MEDIUMVisual Link Preview <= 2.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via visual-link-preview ShortcodeEPSS 0.2%CVE-2025-2895MEDIUMIBM Cloud Pak System HTML injectionEPSS 0.2%CVE-2026-43939HIGHYAF.NET: Stored XSS in Forum Thread Posts/Replies Allowing Arbitrary JavaScript Execution for All Thread ViewersEPSS 0.2%CVE-2024-49343MEDIUMIBM Informix Dynamic Server HTML injectionEPSS 0.2%CVE-2026-39626MEDIUMWordPress Armania theme <= 1.4.8 - Arbitrary Shortcode Execution vulnerabilityEPSS 0.2%CVE-2025-4168MEDIUMSubpage List <= 1.3.3 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2026-1834MEDIUMIbtana - WordPress Website Builder <= 1.2.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.2%CVE-2026-12812MEDIUMRadware Cyber Controller HTML Report Generation HTML injectionEPSS 0.2%