CWE-79 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (43894 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-28622	1 Tridenttechnolabs	1 Easy Slider Revolution	2024-11-21	5.9 Medium
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in Trident Technolabs Easy Slider Revolution plugin <= 1.0.0 versions.
CVE-2023-28621	1 Wishfulthemes	2 Raise Mag, Wishful Blog	2024-11-21	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wishfulthemes Raise Mag, Wishfulthemes Wishful Blog themes allows Reflected XSS.This issue affects Raise Mag: from n/a through 1.0.7; Wishful Blog: from n/a through 2.0.1.
CVE-2023-28620	1 Cyberuslabs	1 Cyberus Key	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cyberus Labs Cyberus Key plugin <= 1.0 versions.
CVE-2023-28604	1 Sitegeist	1 Fluid Components	2024-11-21	6.1 Medium
The fluid_components (aka Fluid Components) extension before 3.5.0 for TYPO3 allows XSS via a component argument parameter, for certain {content} use cases that may be edge cases.
CVE-2023-28535	1 Commoninja	1 Paytm Payment Donation	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paytm Paytm Payment Donation plugin <= 2.2.0 versions.
CVE-2023-28533	1 Nimbus	1 Cab Grid	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in M Williams Cab Grid plugin <= 1.5.15 versions.
CVE-2023-28525	1 Ibm	2 Engineering Requirements Management Doors, Engineering Requirements Management Doors Web Access	2024-11-21	4.8 Medium
IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 251052.
CVE-2023-28499	1 Simonpedge	1 Slide Anything-responsive Content\/html Slider And Carousel	2024-11-21	5.4 Medium
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in simonpedge Slide Anything – Responsive Content / HTML Slider and Carousel plugin <= 2.4.9 versions.
CVE-2023-28496	1 Smtp2go	1 Smtp2go	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SMTP2GO – Email Made Easy plugin <= 1.4.2 versions.
CVE-2023-28490	1 Estatik	1 Estatik Mortgage Calculator	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Estatik Estatik Mortgage Calculator plugin <= 2.0.7 versions.
CVE-2023-28477	1 Concretecms	1 Concrete Cms	2024-11-21	5.5 Medium
Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to stored XSS on API Integrations via the name parameter.
CVE-2023-28476	1 Concretecms	1 Concrete Cms	2024-11-21	5.4 Medium
Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Tags on uploaded files.
CVE-2023-28475	1 Concretecms	1 Concrete Cms	2024-11-21	6.1 Medium
Concrete CMS (previously concrete5) versions 8.5.12 and below, and versions 9.0 through 9.1.3 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized.
CVE-2023-28423	1 Prismtechstudios	1 Modern Footnotes	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Prism Tech Studios Modern Footnotes plugin <= 1.4.15 versions.
CVE-2023-28418	1 Mediciti Lite Project	1 Mediciti Lite	2024-11-21	5.4 Medium
Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Yudlee themes Mediciti Lite theme <= 1.3.0 versions.
CVE-2023-28415	1 Xootix	1 Side Cart Woocommerce	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in XootiX Side Cart Woocommerce (Ajax) plugin <= 2.2 versions.
CVE-2023-28332	1 Moodle	1 Moodle	2024-11-21	6.1 Medium
If the algebra filter was enabled but not functional (eg the necessary binaries were missing from the server), it presented an XSS risk.
CVE-2023-28174	1 Elightup	1 Erocket	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in eLightUp eRocket plugin <= 1.2.4 versions.
CVE-2023-28171	1 Wpchill	1 Brilliance	2024-11-21	5.4 Medium
Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in WP Chill Brilliance theme <= 1.3.1 versions.
CVE-2023-28166	1 Tags Cloud Manager Project	1 Tags Cloud Manager	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aakif Kadiwala Tags Cloud Manager plugin <= 1.0.0 versions.

« first previous Page 1531 of 2195. next last »