CWE-81
8 CVEs classified under CWE-81. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-4361 | Critical | 10.0 | 2023-07-07 | Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerabili… |
CVE-2022-4137 | High | 8.1 | 2023-09-25 | A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious l… |
CVE-2025-24344 | Medium | 6.3 | 2025-04-30 | A vulnerability in the error notification messages of the web application of ctrlX OS allows a remote unauthenticated attacker to inject arbitrary HTML tags an… |
CVE-2019-25027 | Medium | 6.1 | 2021-04-23 | Missing output sanitization in default RouteNotFoundError view in com.vaadin:flow-server versions 1.0.0 through 1.0.10 (Vaadin 10.0.0 through 10.0.13), and 1.1… |
CVE-2024-47882 | Medium | 5.9 | 2024-10-24 | OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the built-in "Something went wrong!" error page includes the except… |
CVE-2025-0883 | | 2025-03-12 | Improper Neutralization of Script in an Error Message Web Page vulnerability in OpenText™ Service Manager. The vulnerability could reveal sensitive informati… | |
CVE-2024-47064 | | 2024-09-30 | Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. If an attacker can trick a logged-in CVAT user in… | |
CVE-2024-6892 | | 2024-08-07 | Attackers can craft a malicious link that once clicked will execute arbitrary JavaScript in the context of the Journyx web application. |