VYPR

CWE-83

Improper Neutralization of Script in Attributes in a Web Page

Variant · Draft

Description

The product does not neutralize or incorrectly neutralizes "javascript:" or other URIs from dangerous attributes within tags, such as onmouseover, onload, onerror, or style.

Related attack patterns (CAPEC)

CAPEC-243 · CAPEC-244 · CAPEC-588

CVEs mapped to this weakness (17)

  • CVE-2025-58746 · Critical · Sep 8, 2025
    risk 0.52 · CVSS 9.0 · EPSS 0.00

    The Volkov Labs Business Links panel for Grafana provides an interface to navigate using external links, internal dashboards, time pickers, and dropdown menus. Prior to version 2.4.0, a malicious actor with Editor privileges can escalate their privileges to Administrator and…

  • CVE-2025-4615 · High · Oct 9, 2025
    risk 0.47 · CVSS 7.2 · EPSS 0.01

    An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly…

  • CVE-2025-11682 · High · Oct 27, 2025
    risk 0.46 · CVSS n/a · EPSS 0.00

    Stored cross-site scripting (XSS) vulnerability in the LMT Dashboard of the Perx Customer Engagement & Loyalty Platform allows an authenticated attacker to execute arbitrary JavaScript code in a victim's browser. The vulnerability is due to improper sanitization of SVG file…

  • CVE-2026-49276 · High · Jun 18, 2026
    risk 0.45 · CVSS n/a · EPSS n/a

    TL;DR: This vulnerability affects Kirby sites that use the writer field in any blueprint. It was possible to include a scripting link as the target of a link (or email link). This link target would then be clickable by the user who entered it. A successful attack commonly…

  • CVE-2025-0125 · Medium · Apr 11, 2025
    risk 0.45 · CVSS n/a · EPSS 0.00

    An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. The attacker must have…

  • CVE-2024-9103 · Medium · Mar 24, 2025
    risk 0.40 · CVSS 6.1 · EPSS 0.00

    Improper Neutralization of Script in Attributes in a Web Page vulnerability in Forcepoint Email Security (Blocked Messages module) allows Stored XSS. This issue affects Email Security through 8.5.5.

  • CVE-2026-53841 · Medium · Jun 16, 2026
    risk 0.33 · CVSS 6.1 · EPSS 0.00

    OpenClaw before 2026.5.12 contains a cross-site scripting vulnerability in exported session HTML that preserves unsafe javascript: and data: links in generated content. Attackers can execute browser-side scripts if a trusted operator opens the exported file and activates a…

  • CVE-2025-0137 · Medium · May 14, 2025
    risk 0.31 · CVSS n/a · EPSS 0.00

    An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. The attacker must have…

  • CVE-2026-53722 · Medium · Jun 12, 2026
    risk 0.28 · CVSS 5.4 · EPSS 0.00

    Nuxt is an open-source web development framework for Vue.js. Prior to versions 3.21.7 and 4.4.7, did not validate the URL scheme of values bound to its to or href props before rendering them into the href attribute of the underlying element. When an application…

  • CVE-2026-45669 · Medium · Jun 12, 2026
    risk 0.28 · CVSS 5.4 · EPSS 0.00

    Nuxt is an open-source web development framework for Vue.js. From versions 3.4.3 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, navigateTo() with external: true generates a server-side HTML redirect body containing a tag. The destination URL is…

  • CVE-2026-8245 · Medium · May 21, 2026
    risk 0.28 · CVSS 5.4 · EPSS 0.00

    Concrete CMS 9.5.0 and below is vulnerable to Reflected XSS in Legacy Pagination via HTML attribute injection. Concrete\Core\Legacy\Pagination builds pagination links by raw-interpolating its $URL field into href="" (). Any authenticated admin or…

  • CVE-2026-48591 · Jun 17, 2026
    risk 0.00 · CVSS n/a · EPSS 0.00

    Improper Neutralization of Script in Attributes in a Web Page vulnerability in pragdave earmark allows stored cross-site scripting via unescaped HTML attribute values. 'Elixir.Earmark.Transform':_make_att1/2 in lib/earmark/transform.ex splices attribute values verbatim between…

  • CVE-2025-27145 · Feb 25, 2025
    risk 0.00 · CVSS n/a · EPSS 0.00

    copyparty, a portable file server, has a DOM-based cross-site scripting vulnerability in versions prior to 1.16.15. The vulnerability is considered low-risk. By handing someone a maliciously-named file, and then tricking them into dragging the file into copyparty's Web-UI, an…

  • CVE-2024-52595 · Nov 19, 2024
    risk 0.00 · CVSS n/a · EPSS 0.00

    lxml_html_clean is a project for HTML cleaning functionalities copied from `lxml.html.clean`. Prior to version 0.4.0, the HTML Parser in lxml does not properly handle context-switching for special HTML tags such as ``, `` and ``. This behavior deviates from…

  • CVE-2024-34343 · Aug 5, 2024
    risk 0.00 · CVSS n/a · EPSS 0.00

    Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. The `navigateTo` function attempts to block the `javascript:` protocol, but does not correctly use APIs provided by `unjs/ufo`. This library also contains parsing…

  • CVE-2023-37908 · Oct 25, 2023
    risk 0.00 · CVSS n/a · EPSS 0.01

    XWiki Rendering is a generic Rendering system that converts textual input in a given syntax into another syntax. The cleaning of attributes during XHTML rendering, introduced in version 14.6-rc-1, allowed the injection of arbitrary HTML code and thus cross-site scripting via…

  • CVE-2023-32070 · May 10, 2023
    risk 0.00 · CVSS n/a · EPSS 0.01

    XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting (XSS) attacks via attributes and link URLs, e.g., supported in XWiki syntax. This has been patched in…