Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-79 Clear
ID Title
CVE-2026-8438 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8438)
cross-site scripting in wordpress (CVE-2026-8438). Risk of unauthorized operations or information disclosure.
CVE-2026-8900 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8900)
cross-site scripting in wordpress (CVE-2026-8900). Risk of unauthorized operations or information disclosure.
CVE-2026-8893 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8893)
cross-site scripting in wordpress (CVE-2026-8893). Risk of unauthorized operations or information disclosure.
CVE-2026-45778 Cross-Site Scripting (XSS) in buffalo (CVE-2026-45778)
cross-site scripting in buffalo (CVE-2026-45778). Risk of unauthorized operations or information disclosure.
CVE-2026-25624 Cross-Site Scripting (XSS) in arista (CVE-2026-25624)
cross-site scripting in arista (CVE-2026-25624). Confidential information can be exposed externally.
CVE-2026-11338 Cross-Site Scripting (XSS) in CVE-2026-11338 (CVE-2026-11338)
cross-site scripting in CVE-2026-11338 (CVE-2026-11338). Risk of unauthorized operations or information disclosure.
CVE-2026-11337 Cross-Site Scripting (XSS) in CVE-2026-11337 (CVE-2026-11337)
cross-site scripting in CVE-2026-11337 (CVE-2026-11337). Risk of unauthorized operations or information disclosure.
CVE-2026-47387 Cross-Site Scripting (XSS) in nocodb (CVE-2026-47387)
cross-site scripting in nocodb (CVE-2026-47387). Risk of unauthorized operations or information disclosure. Exploitable via ``redirect_url``. Mitigation: upgrade to `2026.05.1` or later.
CVE-2026-47383 Cross-Site Scripting (XSS) in nocodb (CVE-2026-47383)
cross-site scripting in nocodb (CVE-2026-47383). Risk of unauthorized operations or information disclosure. Exploitable via ``localStorage``. Mitigation: upgrade to `2026.05.1` or later.
CVE-2026-47376 Cross-Site Scripting (XSS) in nocodb (CVE-2026-47376)
cross-site scripting in nocodb (CVE-2026-47376). Risk of unauthorized operations or information disclosure. Exploitable via ``dataset.token``. Mitigation: upgrade to `2026.04.1` or later.
CVE-2026-38579 Cross-Site Scripting (XSS) in CVE-2026-38579 (CVE-2026-38579)
cross-site scripting in CVE-2026-38579 (CVE-2026-38579). Risk of unauthorized operations or information disclosure.
CVE-2026-50235 Cross-Site Scripting (XSS) in CVE-2026-50235 (CVE-2026-50235)
cross-site scripting in CVE-2026-50235 (CVE-2026-50235). Risk of unauthorized operations or information disclosure.
CVE-2026-50232 Cross-Site Scripting (XSS) in CVE-2026-50232 (CVE-2026-50232)
cross-site scripting in CVE-2026-50232 (CVE-2026-50232). Risk of unauthorized operations or information disclosure.
CVE-2026-50230 Cross-Site Scripting (XSS) in CVE-2026-50230 (CVE-2026-50230)
cross-site scripting in CVE-2026-50230 (CVE-2026-50230). Risk of unauthorized operations or information disclosure.
CVE-2026-50231 Cross-Site Scripting (XSS) in CVE-2026-50231 (CVE-2026-50231)
cross-site scripting in CVE-2026-50231 (CVE-2026-50231). Risk of unauthorized operations or information disclosure. Exploitable via `User-Agent header`.
CVE-2026-21825 Cross-Site Scripting (XSS) in hcltech (CVE-2026-21825)
cross-site scripting in hcltech (CVE-2026-21825). Risk of unauthorized operations or information disclosure.
CVE-2026-50591 IN Znuny LTS before 6.5.21 and Znuny before 7.3.3, XSS can occur via stored user preferences.
IN Znuny LTS before 6.5.21 and Znuny before 7.3.3, XSS can occur via stored user preferences.
CVE-2026-50592 Cross-Site Scripting (XSS) in CVE-2026-50592 (CVE-2026-50592)
cross-site scripting in CVE-2026-50592 (CVE-2026-50592). Risk of unauthorized operations or information disclosure.
CVE-2026-11273 Vulnerability in google (CVE-2026-11273)
vulnerability in google (CVE-2026-11273). Risk of unauthorized operations or information disclosure.
CVE-2026-11186 Cross-Site Scripting (XSS) in google (CVE-2026-11186)
cross-site scripting in google (CVE-2026-11186). Risk of unauthorized operations or information disclosure.
CVE-2026-11166 Cross-Site Scripting (XSS) in google (CVE-2026-11166)
cross-site scripting in google (CVE-2026-11166). Confidential information can be exposed externally.
CVE-2026-11150 Cross-Site Scripting (XSS) in google (CVE-2026-11150)
cross-site scripting in google (CVE-2026-11150). Risk of unauthorized operations or information disclosure.
CVE-2026-41518 Cross-Site Scripting (XSS) in CVE-2026-41518 (CVE-2026-41518)
cross-site scripting in CVE-2026-41518 (CVE-2026-41518). Confidential information can be exposed externally. Exploitable via ``ChartDatasetConfig.legend``.
CVE-2025-65640 Cross-Site Scripting (XSS) in CVE-2025-65640 (CVE-2025-65640)
cross-site scripting in CVE-2025-65640 (CVE-2025-65640). Confidential information can be exposed externally.
CVE-2025-67448 Cross-Site Scripting (XSS) in CVE-2025-67448 (CVE-2025-67448)
cross-site scripting in CVE-2025-67448 (CVE-2025-67448). Confidential information can be exposed externally.
CVE-2026-43984 Cross-Site Scripting (XSS) in CVE-2026-43984 (CVE-2026-43984)
cross-site scripting in CVE-2026-43984 (CVE-2026-43984). Confidential information can be exposed externally. Exploitable via ``log_js_errors``.
CVE-2026-10810 Cross-Site Scripting (XSS) in CVE-2026-10810 (CVE-2026-10810)
cross-site scripting in CVE-2026-10810 (CVE-2026-10810). Risk of unauthorized operations or information disclosure.
CVE-2019-25744 Cross-Site Scripting (XSS) in wordpress (CVE-2019-25744)
cross-site scripting in wordpress (CVE-2019-25744). Risk of unauthorized operations or information disclosure.
CVE-2019-25739 Cross-Site Scripting (XSS) in CVE-2019-25739 (CVE-2019-25739)
cross-site scripting in CVE-2019-25739 (CVE-2019-25739). Risk of unauthorized operations or information disclosure.
CVE-2019-25743 Cross-Site Scripting (XSS) in wordpress (CVE-2019-25743)
cross-site scripting in wordpress (CVE-2019-25743). Risk of unauthorized operations or information disclosure.
CVE-2019-25737 Cross-Site Scripting (XSS) in CVE-2019-25737 (CVE-2019-25737)
cross-site scripting in CVE-2019-25737 (CVE-2019-25737). Risk of unauthorized operations or information disclosure.
CVE-2019-25742 Cross-Site Scripting (XSS) in wordpress (CVE-2019-25742)
cross-site scripting in wordpress (CVE-2019-25742). Risk of unauthorized operations or information disclosure.
CVE-2019-25731 Cross-Site Scripting (XSS) in CVE-2019-25731 (CVE-2019-25731)
cross-site scripting in CVE-2019-25731 (CVE-2019-25731). Risk of unauthorized operations or information disclosure.
CVE-2026-37700 Cross-Site Scripting (XSS) in CVE-2026-37700 (CVE-2026-37700)
cross-site scripting in CVE-2026-37700 (CVE-2026-37700). Risk of unauthorized operations or information disclosure.
CVE-2026-42840 Cross-Site Scripting (XSS) in CVE-2026-42840 (CVE-2026-42840)
cross-site scripting in CVE-2026-42840 (CVE-2026-42840). Risk of unauthorized operations or information disclosure.
CVE-2026-42839 Cross-Site Scripting (XSS) in CVE-2026-42839 (CVE-2026-42839)
cross-site scripting in CVE-2026-42839 (CVE-2026-42839). Risk of unauthorized operations or information disclosure.
CVE-2026-26378 Cross-Site Scripting (XSS) in koha (CVE-2026-26378)
cross-site scripting in koha (CVE-2026-26378). Risk of unauthorized operations or information disclosure.
CVE-2026-39107 Cross-Site Scripting (XSS) in CVE-2026-39107 (CVE-2026-39107)
cross-site scripting in CVE-2026-39107 (CVE-2026-39107). Risk of unauthorized operations or information disclosure.
CVE-2026-36460 Cross-Site Scripting (XSS) in CVE-2026-36460 (CVE-2026-36460)
cross-site scripting in CVE-2026-36460 (CVE-2026-36460). Risk of unauthorized operations or information disclosure.
CVE-2026-20233 Cross-Site Scripting (XSS) in Cisco webex-meetings (CVE-2026-20233)
cross-site scripting in Cisco webex-meetings (CVE-2026-20233). Risk of unauthorized operations or information disclosure.
CVE-2026-42321 Cross-Site Scripting (XSS) in CVE-2026-42321 (CVE-2026-42321)
cross-site scripting in CVE-2026-42321 (CVE-2026-42321). Risk of unauthorized operations or information disclosure.
CVE-2026-36748 Cross-Site Scripting (XSS) in CVE-2026-36748 (CVE-2026-36748)
cross-site scripting in CVE-2026-36748 (CVE-2026-36748). Successful exploitation can lead to full system takeover.
CVE-2022-31114 Cross-Site Scripting (XSS) in backpack/crud (CVE-2022-31114)
cross-site scripting in backpack/crud (CVE-2022-31114). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.0.63` or later.
CVE-2026-47324 Cross-Site Scripting (XSS) in CVE-2026-47324 (CVE-2026-47324)
cross-site scripting in CVE-2026-47324 (CVE-2026-47324). Risk of unauthorized operations or information disclosure.
CVE-2025-14773 Cross-Site Scripting (XSS) in abb (CVE-2025-14773)
cross-site scripting in abb (CVE-2025-14773). Successful exploitation can lead to full system takeover.
CVE-2025-15654 Cross-Site Scripting (XSS) in CVE-2025-15654 (CVE-2025-15654)
cross-site scripting in CVE-2025-15654 (CVE-2025-15654). Risk of unauthorized operations or information disclosure.
CVE-2026-7421 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7421)
cross-site scripting in wordpress (CVE-2026-7421). Risk of unauthorized operations or information disclosure. Exploitable via ``shop_name``.
CVE-2026-40108 Cross-Site Scripting (XSS) in CVE-2026-40108 (CVE-2026-40108)
cross-site scripting in CVE-2026-40108 (CVE-2026-40108). Risk of unauthorized operations or information disclosure.
CVE-2026-35212 Cross-Site Scripting (XSS) in pycti (CVE-2026-35212)
cross-site scripting in pycti (CVE-2026-35212). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.260227.0` or later.
CVE-2026-42849 Cross-Site Scripting (XSS) in authentik (CVE-2026-42849)
cross-site scripting in authentik (CVE-2026-42849). Confidential information can be exposed externally. Mitigation: upgrade to `2025.12.5, 2026.2.3` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →