CWE-79 CVEs and Security Vulnerabilities

Export limit exceeded: 349508 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 45825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45825 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-28779	1 Simplecoding	1 Terms Descriptions	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Vladimir Statsenko Terms descriptions plugin <= 3.4.4 versions.
CVE-2023-28778	1 Bestwebsoft	1 Pagination	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BestWebSoft Pagination plugin <= 1.2.2 versions.
CVE-2023-28776	1 I13websolution	1 Continuous Image Carousel With Lightbox	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Continuous Image Carousel With Lightbox plugin <= 1.0.15 versions.
CVE-2023-28774	1 Grade	1 Review Stream	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Grade Us, Inc. Review Stream plugin <= 1.6.5 versions.
CVE-2023-28773	1 Kolja-nolte	1 Secondary Title	2024-11-21	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kolja Nolte Secondary Title plugin <= 2.0.9.1 versions.
CVE-2023-28750	1 Albo Pretorio On Line Project	1 Albo Pretorio On Line	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On line plugin <= 4.6 versions.
CVE-2023-28695	1 Vigilantor Project	1 Vigilantor	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Drew Phillips VigilanTor plugin <= 1.3.10 versions.
CVE-2023-28693	1 Balasahebbhise	1 Advanced Youtube Channel Pagination	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Balasaheb Bhise Advanced Youtube Channel Pagination plugin <= 1.0 version.
CVE-2023-28622	1 Tridenttechnolabs	1 Easy Slider Revolution	2024-11-21	5.9 Medium
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in Trident Technolabs Easy Slider Revolution plugin <= 1.0.0 versions.
CVE-2023-28620	1 Cyberuslabs	1 Cyberus Key	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cyberus Labs Cyberus Key plugin <= 1.0 versions.
CVE-2023-28604	1 Sitegeist	1 Fluid Components	2024-11-21	6.1 Medium
The fluid_components (aka Fluid Components) extension before 3.5.0 for TYPO3 allows XSS via a component argument parameter, for certain {content} use cases that may be edge cases.
CVE-2023-28535	1 Commoninja	1 Paytm Payment Donation	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paytm Paytm Payment Donation plugin <= 2.2.0 versions.
CVE-2023-28533	1 Nimbus	1 Cab Grid	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in M Williams Cab Grid plugin <= 1.5.15 versions.
CVE-2023-28525	1 Ibm	2 Engineering Requirements Management Doors, Engineering Requirements Management Doors Web Access	2024-11-21	4.8 Medium
IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 251052.
CVE-2023-28499	1 Simonpedge	1 Slide Anything-responsive Content\/html Slider And Carousel	2024-11-21	5.4 Medium
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in simonpedge Slide Anything – Responsive Content / HTML Slider and Carousel plugin <= 2.4.9 versions.
CVE-2023-28496	1 Smtp2go	1 Smtp2go	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SMTP2GO – Email Made Easy plugin <= 1.4.2 versions.
CVE-2023-28490	1 Estatik	1 Estatik Mortgage Calculator	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Estatik Estatik Mortgage Calculator plugin <= 2.0.7 versions.
CVE-2023-28477	1 Concretecms	1 Concrete Cms	2024-11-21	5.5 Medium
Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to stored XSS on API Integrations via the name parameter.
CVE-2023-28476	1 Concretecms	1 Concrete Cms	2024-11-21	5.4 Medium
Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Tags on uploaded files.
CVE-2023-28475	1 Concretecms	1 Concrete Cms	2024-11-21	6.1 Medium
Concrete CMS (previously concrete5) versions 8.5.12 and below, and versions 9.0 through 9.1.3 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized.

« first previous Page 1666 of 2292. next last »