Fallos del tipo CWE-79
26.052 resultadosCVE-2021-24274—Ultimate Maps by Supsystic < 1.2.5 - Reflected Cross-Site scripting (XSS)EPSS 17.6%CVE-2022-27926MEDIUMA reflected cross-site scripting (XSS) vulnerability in the /public/launchNewWindow.jsp component of Zimbra Collaboration (aka ZCS) 9.0 alloEPSS 17.3%KEVCVE-2024-11182MEDIUMStored XSS vulnerability in MDaemon Email ServerEPSS 17.1%KEVCVE-2025-31140MEDIUMIn JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles pageEPSS 16.9%CVE-2024-6931HIGHThe Events Calendar <= 6.6.3 - Unauthenticated Stored Cross-Site ScriptingEPSS 16.8%CVE-2021-24276—Contact Form by Supsystic < 1.7.15 - Reflected Cross-Site scripting (XSS)EPSS 16.1%CVE-2010-3243MEDIUMCross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in MicrosoEPSS 15.7%CVE-2008-2991MEDIUMCross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML viaEPSS 15.5%CVE-2023-0507HIGHGrafana is an open-source platform for monitoring and observability.
Starting with the 8.1 branch, Grafana had a stored XSS vulnerability EPSS 15.5%CVE-2022-4971MEDIUMSassy Social Share <= 3.3.3 - Reflected Cross-Site ScriptingEPSS 15.4%CVE-2022-0437MEDIUMCross-site Scripting (XSS) - DOM in karma-runner/karmaEPSS 15.2%CVE-2025-34175MEDIUMNetgate pfSense CE Suricata package v7.0.8_2 Reflected Cross-Site ScriptingEPSS 14.8%CVE-2024-31444MEDIUMCacti XSS vulnerability in lib/html.php by reading dirty data stored in databaseEPSS 14.7%CVE-2021-24291—Photo Gallery < 1.5.69 - Multiple Reflected Cross-Site Scripting (XSS)EPSS 14.4%CVE-2024-47002HIGHA html code injection vulnerability exists in the vlan management part of Observium CE 24.4.13528. A specially crafted HTTP request can leadEPSS 14.4%CVE-2021-21800CRITICALCross-site scripting vulnerabilities exist in the ssh_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user vEPSS 14.1%CVE-2014-2120MEDIUMCross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackerEPSS 14.0%KEVCVE-2011-1252MEDIUMCross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office ShaEPSS 14.0%CVE-2021-24286—Redirect 404 to Parent < 1.3.1 - Reflected Cross-Site Scripting (XSS)EPSS 13.9%CVE-2019-3810MEDIUMA flaw was found in moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1 to 3.1.15 and earlier unsupported versions. The /userpix/ EPSS 13.9%