CWE-83
Improper Neutralization of Script in Attributes in a Web Page
Description
The product does not neutralize or incorrectly neutralizes "javascript:" or other URIs from dangerous attributes within tags, such as onmouseover, onload, onerror, or style.
Related attack patterns (CAPEC)
CAPEC-243 · CAPEC-244 · CAPEC-588
CVEs mapped to this weakness (17)
| CVE | Severity | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|---|
| CVE-2025-58746 | Critical | 0.52 | 9.0 | 0.00 | Sep 8, 2025 | The Volkov Labs Business Links panel for Grafana provides an interface to navigate using external links, internal dashboards, time pickers, and dropdown menus. Prior to version 2.4.0, a malicious actor with Editor privileges can escalate their privileges to Administrator and… |
| CVE-2025-4615 | High | 0.47 | 7.2 | 0.01 | Oct 9, 2025 | An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly… |
| CVE-2025-11682 | High | 0.46 | — | 0.00 | Oct 27, 2025 | Stored cross-site scripting (XSS) vulnerability in the LMT Dashboard of the Perx Customer Engagement & Loyalty Platform allows an authenticated attacker to execute arbitrary JavaScript code in a victim's browser. The vulnerability is due to improper sanitization of SVG file… |
| CVE-2026-49276 | High | 0.45 | — | — | Jun 18, 2026 | TL;DR: This vulnerability affects Kirby sites that use the writer field in any blueprint. It was possible to include a scripting link as the target of a link (or email link). This link target would then be clickable by the user who entered it. A successful attack commonly… |
| CVE-2025-0125 | Medium | 0.45 | — | 0.00 | Apr 11, 2025 | An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. The attacker must have… |
| CVE-2024-9103 | Medium | 0.40 | 6.1 | 0.00 | Mar 24, 2025 | Improper Neutralization of Script in Attributes in a Web Page vulnerability in Forcepoint Email Security (Blocked Messages module) allows Stored XSS. This issue affects Email Security through 8.5.5. |
| CVE-2026-53841 | Medium | 0.33 | 6.1 | 0.00 | Jun 16, 2026 | OpenClaw before 2026.5.12 contains a cross-site scripting vulnerability in exported session HTML that preserves unsafe javascript: and data: links in generated content. Attackers can execute browser-side scripts if a trusted operator opens the exported file and activates a… |
| CVE-2025-0137 | Medium | 0.31 | — | 0.00 | May 14, 2025 | An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. The attacker must have… |
| CVE-2026-53722 | Medium | 0.28 | 5.4 | 0.00 | Jun 12, 2026 | Nuxt is an open-source web development framework for Vue.js. Prior to versions 3.21.7 and 4.4.7, did not validate the URL scheme of values bound to its to or href props before rendering them into the href attribute of the underlying element. When an application… |
| CVE-2026-45669 | Medium | 0.28 | 5.4 | 0.00 | Jun 12, 2026 | Nuxt is an open-source web development framework for Vue.js. From versions 3.4.3 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, navigateTo() with external: true generates a server-side HTML redirect body containing a tag. The destination URL is… |
| CVE-2026-8245 | Medium | 0.28 | 5.4 | 0.00 | May 21, 2026 | Concrete CMS 9.5.0 and below is vulnerable to Reflected XSS in Legacy Pagination via HTML attribute injection. Concrete\Core\Legacy\Pagination builds pagination links by raw-interpolating its $URL field into href="" (). Any authenticated admin or… |
| CVE-2026-48591 | — | 0.00 | — | 0.00 | Jun 17, 2026 | Improper Neutralization of Script in Attributes in a Web Page vulnerability in pragdave earmark allows stored cross-site scripting via unescaped HTML attribute values. 'Elixir.Earmark.Transform':_make_att1/2 in lib/earmark/transform.ex splices attribute values verbatim between… |
| CVE-2025-27145 | — | 0.00 | — | 0.00 | Feb 25, 2025 | copyparty, a portable file server, has a DOM-based cross-site scripting vulnerability in versions prior to 1.16.15. The vulnerability is considered low-risk. By handing someone a maliciously-named file, and then tricking them into dragging the file into copyparty's Web-UI, an… |
| CVE-2024-52595 | — | 0.00 | — | 0.00 | Nov 19, 2024 | lxml_html_clean is a project for HTML cleaning functionalities copied from `lxml.html.clean`. Prior to version 0.4.0, the HTML Parser in lxml does not properly handle context-switching for special HTML tags such as ``, `` and ``. This behavior deviates from… |
| CVE-2024-34343 | — | 0.00 | — | 0.00 | Aug 5, 2024 | Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. The `navigateTo` function attempts to block the `javascript:` protocol, but does not correctly use APIs provided by `unjs/ufo`. This library also contains parsing… |
| CVE-2023-37908 | — | 0.00 | — | 0.01 | Oct 25, 2023 | XWiki Rendering is a generic Rendering system that converts textual input in a given syntax into another syntax. The cleaning of attributes during XHTML rendering, introduced in version 14.6-rc-1, allowed the injection of arbitrary HTML code and thus cross-site scripting via… |
| CVE-2023-32070 | — | 0.00 | — | 0.01 | May 10, 2023 | XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting (XSS) attacks via attributes and link URLs, e.g., supported in XWiki syntax. This has been patched in… |