Falhas do tipo CWE-83
22 resultadosCVE-2023-37908CRITICALorg.xwiki.rendering:xwiki-rendering-xml Improper Neutralization of Invalid Characters in Identifiers in Web Pages vulnerabilityEPSS 1.1%CVE-2025-4615MEDIUMPAN-OS: Improper Neutralization of Input in the Management Web InterfaceEPSS 0.7%CVE-2023-32070CRITICALImproper Neutralization of Script in Attributes in XWiki (X)HTML renderersEPSS 0.7%CVE-2022-39262MEDIUMStored Cross-Site Scripting (XSS) on login page in GLPIEPSS 0.6%CVE-2024-52595HIGHHTML Cleaner allows crafted scripts in special contexts like svg or math to pass throughEPSS 0.5%CVE-2020-14525LOWPhilips Clinical Collaboration Platform Improper Neutralization of Script in Attributes in a Web PageEPSS 0.4%CVE-2025-27145LOWcopyparty renders unsanitized filenames as HTML when user uploads empty filesEPSS 0.4%CVE-2023-30958MEDIUMDOM XSS in Developer mode dashboard via redirect GET parameterEPSS 0.3%CVE-2025-0125MEDIUMPAN-OS: Improper Neutralization of Input in the Management Web InterfaceEPSS 0.3%CVE-2025-0137MEDIUMPAN-OS: Improper Neutralization of Input in the Management Web InterfaceEPSS 0.3%CVE-2025-58746CRITICALVolkov Labs Business Links plugin vulnerable to privilege escalation attackEPSS 0.3%CVE-2024-26283HIGHAn attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom FEPSS 0.3%CVE-2025-67163MEDIUMA stored cross-site scripting (XSS) vulnerability in Simple Machines Forum v2.1.6 allows attackers to execute arbitrary web scripts or HTML EPSS 0.2%CVE-2026-22849HIGHSaleor lacks proper HTML sanitization in rich text fieldsEPSS 0.2%CVE-2024-9103MEDIUMPersistent XSS in blocked messagesEPSS 0.2%CVE-2026-53722MEDIUMNuxt: Reflected XSS in `<NuxtLink>` via unsanitised `javascript:` or `data:` URLEPSS 0.2%CVE-2026-53841LOWOpenClaw < 2026.5.12 - Cross-Site Scripting via Unsafe Markdown Links in Exported Session HTMLEPSS 0.2%CVE-2025-11682HIGHStored Cross-Site Scripting in Perx Customer Engagement & Loyalty PlatformEPSS 0.2%CVE-2026-45669MEDIUMNuxt: Reflected XSS in `navigateTo()` external redirectEPSS 0.2%CVE-2026-23516HIGHCVAT vulnerable to XSS via skeleton SVG imagesEPSS 0.1%