Fallos del tipo CWE-79
26.052 resultadosCVE-2022-0832MEDIUMCross-site Scripting (XSS) - Stored in pimcore/pimcoreEPSS 66.6%CVE-2022-36801MEDIUMAffected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a RefEPSS 64.9%CVE-2023-28651MEDIUMCross-site scripting vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. If a user who can access the affected produEPSS 64.8%CVE-2022-21662HIGHStored XSS in WordPressEPSS 64.7%CVE-2022-36094HIGHXWiki Platform Web Parent POM vulnerable to XSS in the attachment historyEPSS 64.1%CVE-2023-2164MEDIUMImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLabEPSS 63.8%CVE-2021-21801CRITICALThis vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially craftEPSS 63.4%CVE-2024-50599MEDIUMA reflected Cross-Site Scripting (XSS) vulnerability has been identified in Zimbra Collaboration Suite (ZCS) 8.8.15, affecting one of the weEPSS 61.3%CVE-2022-25772CRITICALA cross-site scripting (XSS) vulnerability in the web tracking component of Mautic before 4.3.0 allows remote attackers to inject executableEPSS 61.2%CVE-2023-34220MEDIUMIn JetBrains TeamCity before 2023.05 stored XSS in the Commit Status Publisher window was possibleEPSS 61.2%CVE-2023-34225MEDIUMIn JetBrains TeamCity before 2023.05 stored XSS in the NuGet feed page was possibleEPSS 60.7%CVE-2022-46889MEDIUMA persistent cross-site scripting (XSS) vulnerability in NexusPHP before 1.7.33 allows remote authenticated attackers to permanently inject EPSS 60.1%CVE-2022-36096HIGHXWiki Platform vulnerable to Cross-site Scripting in the deleted attachments listEPSS 59.5%CVE-2022-48343MEDIUMIn JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process.EPSS 59.5%CVE-2024-27136MEDIUMApache JSPWiki: Cross-site scripting vulnerability on upload pageEPSS 59.4%CVE-2025-2748MEDIUMKentico Xperience stored cross-site scripting in multiple-file upload functionalityEPSS 59.1%CVE-2023-37580MEDIUMZimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client.EPSS 59.0%KEVCVE-2022-32174CRITICALGogs - XSSEPSS 58.0%CVE-2023-22249MEDIUMAdobe Commerce Stored XSS Arbitrary code executionEPSS 57.4%CVE-2022-36097HIGHXWiki Platform Attachment UI vulnerable to cross-site scripting in the move attachment formEPSS 57.4%