Fallos del tipo CWE-79
26.052 resultadosCVE-2022-29034MEDIUMA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An error message pop up window in the web interfaEPSS 28.1%CVE-2022-20966MEDIUMA vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conEPSS 27.6%CVE-2025-0370MEDIUMWP Shortcodes Plugin — Shortcodes Ultimate <= 7.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via src ParameterEPSS 27.5%CVE-2024-2123HIGHUltimate Member <= 2.8.3 - Unauthenticated Stored Cross-Site ScriptingEPSS 26.7%CVE-2021-24563—Frontend Uploader <= 1.3.2 - Unauthenticated Stored Cross-Site ScriptingEPSS 26.4%CVE-2024-47525HIGHStored XSS ('Cross-site Scripting') in librenms/includes/html/print-alert-rules.phpEPSS 26.2%CVE-2007-4465MEDIUMCross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated pEPSS 26.2%CVE-2024-57041MEDIUMA persistent cross-site scripting (XSS) vulnerability in NodeBB v3.11.0 allows remote attackers to store arbitrary code in the 'about me' seEPSS 26.1%CVE-2024-24494MEDIUMCross Site Scripting vulnerability in Daily Habit Tracker v.1.0 allows a remote attacker to execute arbitrary code via the day, exercise, prEPSS 25.9%CVE-2023-47505MEDIUMWordPress Elementor Website Builder Plugin <= 3.16.4 is vulnerable to Cross Site Scripting (XSS)EPSS 25.3%CVE-2026-20945MEDIUMMicrosoft SharePoint Server Spoofing VulnerabilityEPSS 25.1%CVE-2025-12101MEDIUMCross-Site Scripting (XSS)EPSS 24.6%CVE-2023-34941MEDIUMA stored cross-site scripting (XSS) vulnerability in the urlFilterList function of Asus RT-N10LX Router v2.0.0.39 allows attackers to executEPSS 24.5%CVE-2024-7008MEDIUMCalibre Reflected Cross-Site Scripting (XSS)EPSS 24.1%CVE-2024-37389MEDIUMApache NiFi: Improper Neutralization of Input in Parameter Context DescriptionEPSS 24.0%CVE-2021-24891—Elementor < 3.4.8 - DOM Cross-Site-ScriptingEPSS 24.0%CVE-2018-19953MEDIUMIf exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed the issuEPSS 23.9%KEVCVE-2020-2036HIGHPAN-OS: Reflected Cross-Site Scripting (XSS) vulnerability in management web interfaceEPSS 23.9%CVE-2024-55416LOWDevDojo Voyager through version 1.8.0 is vulnerable to reflected XSS via /admin/compass. By manipulating an authenticated user to click on aEPSS 23.9%CVE-2018-6882MEDIUMCross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 EPSS 23.7%KEV