Flaws of type CWE-116
285 results

CVE-2025-6429 | MEDIUM | Incorrect parsing of URLs could have allowed embedding of youtube.com | EPSS 0.3%
CVE-2023-31669 | MEDIUM | WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dylib crash by putting '@' before a quote ("). | EPSS 0.3%
CVE-2026-43938 | HIGH | YAF.NET: Unauthenticated Stored Second-Order XSS in Admin Event Log via Reflected `User-Agent` Header | EPSS 0.3%
CVE-2026-27013 | HIGH | Fabric.js Affected by Stored XSS via SVG Export | EPSS 0.3%
CVE-2026-25932 | HIGH | GLPI has Stored XSS in Supplier 'Website' field | EPSS 0.3%
CVE-2026-53693 | MEDIUM | MISP BSimVis stored cross-site scripting in tag and cluster rendering paths via unescaped tag metadata and UI labels | EPSS 0.3%
CVE-2024-34715 | LOW | Partial Password Exposure Vulnerability in Fides Webserver Logs | EPSS 0.3%
CVE-2026-31898 | HIGH | jsPDF has a PDF Object Injection via FreeText color | EPSS 0.3%
CVE-2024-56277 | MEDIUM | WordPress Poll Maker Plugin < 5.5.5 - HTML Injection vulnerability | EPSS 0.3%
CVE-2024-4099 | LOW | Improper Encoding or Escaping of Output in GitLab | EPSS 0.3%
CVE-2026-28499 | MEDIUM | LeafKit's HTML escaping may be skipped for Collection values, enabling XSS | EPSS 0.3%
CVE-2026-47173 | MEDIUM | Quest Bot: Ticket reason allows mass-mention injection | EPSS 0.3%
CVE-2025-42896 | MEDIUM | Server-Side Request Forgery (SSRF) in SAP BusinessObjects Business Intelligence Platform | EPSS 0.3%
CVE-2025-30345 | LOW | An issue was discovered in OpenSlides before 4.2.5. When creating new chats via the chat_group.create action, the user is able to specify th | EPSS 0.3%
CVE-2026-33758 | CRITICAL | OpenBao has Reflected XSS in its OIDC authentication error message | EPSS 0.3%
CVE-2026-1011 | MEDIUM | Stored Cross-Site Scripting in Altium Live Support Center Comment Endpoint | EPSS 0.3%
CVE-2025-27108 | HIGH | Cross-site Scripting vulnerability due to improper use of string.replace in dom-expressions | EPSS 0.3%
CVE-2026-24127 | MEDIUM | Typemill has Reflected XSS via login error view template | EPSS 0.3%
CVE-2026-28350 | MEDIUM | lxml_html_clean: <base> tag injection through default Cleaner configuration | EPSS 0.3%
CVE-2026-48485 | LOW | Quest Bot: Stored warn reasons can still trigger bot-powered mass mentions through `/warns`. | EPSS 0.3%