Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2025-02-11 CVE-2025-24867 SAP BusinessObjects Platform (BI Launchpad) does not sufficiently handle user input, resulting in Cross-Site Scripting (XSS) vulnerability.
network
low complexity
CWE-79
6.1
6.1
2025-02-10 CVE-2024-13010 The WP Foodbakery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 4.7 due to insufficient input sanitization and output escaping on the 'search_type' parameter.
network
low complexity
CWE-79
6.1
6.1
2025-02-10 CVE-2024-48170 Cross-site Scripting vulnerability in PHPgurukul Small CRM 3.0
PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload injected into the name in the profile.php.
network
low complexity
phpgurukul CWE-79
5.4
5.4
2025-02-08 CVE-2025-0169 Cross-site Scripting vulnerability in Scriptsbundle DWT Listing
The DWT - Directory & Listing WordPress Theme is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
scriptsbundle CWE-79
5.4
5.4
2025-02-08 CVE-2024-13850 Cross-site Scripting vulnerability in Mijnpress Simple ADD Pages or Posts
The Simple add pages or posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping.
network
low complexity
mijnpress CWE-79
4.8
4.8
2025-02-06 CVE-2024-52892 IBM Jazz for Service Management 1.1.3 through 1.1.3.23 is vulnerable to cross-site scripting.
network
low complexity
CWE-79
6.1
6.1
2025-02-06 CVE-2024-49791 Cross-site Scripting vulnerability in IBM Applinx 11.1.0
IBM ApplinX 11.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2025-02-06 CVE-2024-49792 Cross-site Scripting vulnerability in IBM Applinx 11.1.0
IBM ApplinX 11.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2025-02-06 CVE-2024-49793 Cross-site Scripting vulnerability in IBM Applinx 11.1.0
IBM ApplinX 11.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2025-02-05 CVE-2024-38318 Cross-site Scripting vulnerability in IBM Aspera Shares 1.10.0
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to HTML injection.
network
low complexity
ibm CWE-79
6.1
6.1