Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2025-01-13 CVE-2025-22614 Cross-site Scripting vulnerability in Wegia
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions.
network
low complexity
wegia CWE-79
5.4
5.4
2025-01-13 CVE-2025-22615 Cross-site Scripting vulnerability in Wegia
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions.
network
low complexity
wegia CWE-79
6.1
6.1
2025-01-13 CVE-2025-22616 Cross-site Scripting vulnerability in Wegia
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions.
network
low complexity
wegia CWE-79
5.4
5.4
2025-01-13 CVE-2025-22617 Cross-site Scripting vulnerability in Wegia
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions.
network
low complexity
wegia CWE-79
6.1
6.1
2025-01-13 CVE-2025-22618 Cross-site Scripting vulnerability in Wegia
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions.
network
low complexity
wegia CWE-79
5.4
5.4
2025-01-13 CVE-2025-22619 Cross-site Scripting vulnerability in Wegia
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions.
network
low complexity
wegia CWE-79
6.1
6.1
2025-01-12 CVE-2021-29669 IBM Jazz Foundation 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting.
network
low complexity
CWE-79
5.4
5.4
2025-01-12 CVE-2024-49785 IBM watsonx.ai 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data 4.8 through 5.0.3 is vulnerable to cross-site scripting.
network
low complexity
CWE-79
5.4
5.4
2025-01-11 CVE-2024-11386 The GatorMail SmartForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gatormailsmartform' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2025-01-11 CVE-2024-11758 The WP SPID Italia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4