Fallos del tipo CWE-80

550 resultados
CVE-2025-62172HIGHHome Assistant vulnerable to Stored XSS in Energy dashboard from Energy Entity NameEPSS 0.5%CVE-2024-24807LOWSulu is vulnerable to HTML Injection via Autocomplete SuggestionEPSS 0.5%CVE-2023-26047MEDIUMteler-waf contains detection rule bypass via entities payloadEPSS 0.5%CVE-2019-19285A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow injections that could lead to XSS attacks if EPSS 0.5%CVE-2021-37195A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 onlEPSS 0.5%CVE-2025-23919MEDIUMWordPress Slides & Presentations Plugin <= 0.0.39 - Content Injection vulnerabilityEPSS 0.5%CVE-2026-24128MEDIUMXWiki Affected by Reflected Cross-Site Scripting (XSS) in Error MessagesEPSS 0.5%CVE-2023-5582LOWZZZCMS Personal Profile Page cross site scriptingEPSS 0.5%CVE-2018-25039LOWThomson TCW710 RgUrlBlock.asp Persistent cross site scritingEPSS 0.5%CVE-2017-20085LOWAtahualpa Theme cross site scritingEPSS 0.5%CVE-2023-46722MEDIUMPimcore Admin Classic Bundle Cross-site Scripting (XSS) in PDF previewsEPSS 0.5%CVE-2019-5450Improper sanitization of HTML in directory names in the Nextcloud Android app prior to version 3.7.0 allowed to style the directory name in EPSS 0.5%CVE-2022-38210MEDIUMHTML injection in accountswitcher-callback.html (10.9.1, 10.8.1 and 10.7.1 only)EPSS 0.5%CVE-2022-35850MEDIUMAn improper neutralization of script-related HTML tags in a web page vulnerability [CWE-80] in FortiAuthenticator versions 6.4.0 through 6.4EPSS 0.5%CVE-2017-20098LOWAdmin Custom Login Plugin Persistent cross site scriptingEPSS 0.5%CVE-2024-33831HIGHA stored cross-site scripting (XSS) vulnerability in the Advanced Expectation - Response module of yapi v1.10.2 allows attackers to execute EPSS 0.5%CVE-2024-20362MEDIUMA vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could alEPSS 0.5%CVE-2025-21612HIGHCross-site Scripting in TabberTransclude in Extension:TabberNeueEPSS 0.5%CVE-2017-20140MEDIUMItech Movie Portal Script movie.php Reflected cross site scriptingEPSS 0.5%CVE-2024-37297MEDIUMWooCommerce has a Cross-Site Scripting Vulnerability in checkout & registration formsEPSS 0.5%