CWE-84
10 CVEs classified under CWE-84. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-25571 | Medium | 6.8 | 2023-02-14 | Backstage is an open platform for building developer portals. `@backstage/catalog-model` prior to version 1.2.0, `@backstage/core-components` prior to 0.12.4… |
CVE-2024-45045 | Medium | 6.3 | 2024-08-29 | Collabora Online is a collaborative online office suite based on LibreOffice technology. In the mobile (Android/iOS) device variants of Collabora Online it was… |
CVE-2024-52890 | Medium | 6.1 | 2025-08-05 | IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.03 could be susceptible to cross-site scripting due to no validation of URIs. |
CVE-2025-30203 | Medium | 4.8 | 2025-03-31 | Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap allows cross-site scripting (XSS) via the content of RS… |
CVE-2023-30959 | Medium | 4.1 | 2023-09-26 | In Apollo change requests, comments added by users could contain a javascript URI link that when rendered will result in an XSS that require user interaction. |
CVE-2024-42184 | Low | 2.5 | 2025-01-23 | BigFix Patch Download Plug-ins are affected by insecure support for file URI scheme. It could allow a malicious operator to attempt to download files using th… |
CVE-2025-58444 | | 2025-09-08 | The MCP inspector is a developer tool for testing and debugging MCP servers. A cross-site scripting issue was reported in versions of the MCP Inspector local d… | |
CVE-2022-40181 | | 2022-10-11 | A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All… | |
CVE-2021-3824 | | 2021-09-23 | OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL. | |
CVE-2020-7011 | | 2020-06-03 | Elastic App Search versions before 7.7.0 contain a cross site scripting (XSS) flaw when displaying document URLs in the Reference UI. If the Reference UI injec… |