VYPR

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Base · Stable · Likelihood: High

Description

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-209 · CAPEC-588 · CAPEC-591 · CAPEC-592 · CAPEC-63 · CAPEC-85

CVEs mapped to this weakness (24,712)

page 16 of 1,236
  • CVE-2026-42556 · High · May 8, 2026
    risk 0.51 · cvss 8.9 · epss 0.00

    Postiz is an AI social media scheduling tool. From version 2.21.6 to before version 2.21.7, any authenticated user who can create a post can store arbitrary HTML in post content by tampering their own save request and send the public preview link /p/?share=true to…

  • CVE-2026-40487 · High · Apr 18, 2026
    risk 0.51 · cvss 8.9 · epss 0.00

    Postiz is an AI social media scheduling tool. Prior to version 2.21.6, a file upload validation bypass allows any authenticated user to upload arbitrary HTML, SVG, or other executable file types to the server by spoofing the `Content-Type` header. The uploaded files are then…

  • CVE-2026-39328 · High · Apr 7, 2026
    risk 0.51 · cvss 8.9 · epss 0.00

    ChurchCRM is an open-source church management system. Prior to 7.1.0, a stored cross-site scripting vulnerability exists in ChurchCRM's person profile editing functionality. Non-administrative users who have the EditSelf permission can inject malicious JavaScript into their…

  • CVE-2026-5429 · High · Apr 2, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    Unsanitized input during web page generation in the Kiro Agent webview in Kiro IDE before version 0.8.140 allows a remote unauthenticated threat actor to execute arbitrary code via a potentially damaging crafted color theme name when a local user opens the workspace. This issue…

  • CVE-2025-40890 · High · Nov 25, 2025
    risk 0.51 · cvss 7.9 · epss 0.00

    A Stored Cross-Site Scripting vulnerability was discovered in the Dashboards functionality due to improper validation of an input parameter. An authenticated low-privilege user can craft a malicious dashboard containing a JavaScript payload and share it with victim users, or…

  • CVE-2024-52281 · High · Apr 16, 2025
    risk 0.51 · cvss 8.9 · epss 0.00

    A: Improper Neutralization of Input During Web Page Generation vulnerability in SUSE rancher allows a malicious actor to perform a Stored XSS attack through the cluster description field. This issue affects rancher: from 2.9.0 before 2.9.4.

  • CVE-2024-37166 · High · Jun 10, 2024
    risk 0.51 · cvss 8.9 · epss 0.00

    ghtml is software that uses tagged templates for template engine functionality. It is possible to introduce user-controlled JavaScript code and trigger a Cross-Site Scripting (XSS) vulnerability in some cases. Version 2.0.0 introduces changes to mitigate this issue. Version…

  • CVE-2024-37063 · High · Jun 4, 2024
    risk 0.51 · cvss 7.8 · epss 0.00

    A cross-site scripting (XSS) vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliciously crafted report is viewed in the browser.

  • CVE-2018-11449 · High · Jun 26, 2018
    risk 0.51 · cvss 7.8 · epss 0.00

    A vulnerability has been identified in SCALANCE M875 (All versions). An attacker with access to the local file system might obtain passwords for administrative users. Successful exploitation requires read access to files on the local file system. A successful attack could allow…

  • CVE-2026-8071 · High · Jun 10, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    The Anti-Spam by CleanTalk. Spam protection WordPress plugin before 6.79 does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated attackers to inject arbitrary web scripts into approved comments that will execute…

  • CVE-2026-46518 · High · Jun 10, 2026
    risk 0.50 · cvss 7.7 · epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/HTML multi-print feature allows a patient portal user to execute arbitrary…

  • CVE-2026-47762 · High · May 28, 2026
    risk 0.50 · cvss 8.7 · epss 0.00

    TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability via forged mce:protected comments. Allows attackers to bypass sanitization and inject scripts that execute when content is restored. Impacts users who utilize the…

  • CVE-2026-47761 · High · May 28, 2026
    risk 0.50 · cvss 8.7 · epss 0.00

    TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability in the media plugin. Attackers can inject malicious scripts via crafted data-mce-* attributes, which are executed when content is rendered. Impacts users of TinyMCE…

  • CVE-2026-47760 · High · May 28, 2026
    risk 0.50 · cvss 8.7 · epss 0.00

    TinyMCE is an open source rich text editor. From 6.8.0 to before 7.1.0, TinyMCE contains an XSS vulnerability caused by improper SVG namespace scope handling in the sanitizer. A crafted payload using nested elements can bypass attribute sanitization and execute arbitrary…

  • CVE-2026-47759 · High · May 28, 2026
    risk 0.50 · cvss 8.7 · epss 0.00

    TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability via unsanitized data-mce-* attributes (data-mce-href, data-mce-src, data-mce-style). Allows attackers to inject malicious values that override safe attributes…

  • CVE-2026-42197 · High · May 27, 2026
    risk 0.50 · cvss 8.7 · epss 0.00

    RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execute arbitrary JavaScript in an administrator's browser session, potentially…

  • CVE-2026-44669 · High · May 26, 2026
    risk 0.50 · cvss 8.7 · epss 0.00

    FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting (XSS) via attachment filenames in assessment file preview flows. User-supplied filename values are persisted and later rendered into…

  • CVE-2026-44667 · High · May 26, 2026
    risk 0.50 · cvss 8.7 · epss 0.00

    FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting (XSS) via attachment filenames in remediation verification file preview flows. User-supplied filename values are persisted and then…

  • CVE-2026-44729 · High · May 26, 2026
    risk 0.50 · cvss 8.7 · epss 0.00

    Twenty is an open source CRM. In 1.18.0 and earlier, the file serving endpoints in Twenty CRM at /files/* and /file/:fileFolder/:id serve uploaded files using fileStream.pipe(res) without setting any Content-Type, Content-Disposition, or X-Content-Type-Options response headers.…

  • CVE-2026-41147 · High · May 22, 2026
    risk 0.50 · cvss 8.7 · epss 0.00

    NukeViet CMS is a multi Content Management System. Versions 4.5.07 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability caused by insufficient server-side input sanitization in the Request class. The application relies primarily on client-side filtering to…