Description
The web application improperly neutralizes user-controlled input for executable script disguised with URI encodings.
CVE vulnerabilities with CWE-84 (18)
8.6
CVSS
HIGH
CVE-2025-58444
pub. 2025-09-08
8.3
CVSS
HIGH
CVE-2022-40181
pub. 2022-10-11
6.8
CVSS
MEDIUM
CVE-2023-25571
pub. 2023-02-14
6.3
CVSS
MEDIUM
CVE-2024-45045
pub. 2024-08-29
6.1
CVSS
MEDIUM
CVE-2024-52890
pub. 2025-08-05
6.1
CVSS
MEDIUM
CVE-2021-3824
pub. 2021-09-23
6.1
CVSS
MEDIUM
CVE-2020-7011
pub. 2020-06-03
5.5
CVSS
MEDIUM
CVE-2025-25323
pub. 2025-02-27
5.5
CVSS
MEDIUM
CVE-2025-25324
pub. 2025-02-27
5.5
CVSS
MEDIUM
CVE-2025-25325
pub. 2025-02-27
5.5
CVSS
MEDIUM
CVE-2025-25326
pub. 2025-02-27
5.5
CVSS
MEDIUM
CVE-2025-25329
pub. 2025-02-27
5.5
CVSS
MEDIUM
CVE-2025-25330
pub. 2025-02-27
5.5
CVSS
MEDIUM
CVE-2025-25331
pub. 2025-02-27
5.5
CVSS
MEDIUM
CVE-2025-25334
pub. 2025-02-27
4.8
CVSS
MEDIUM
CVE-2025-30203
pub. 2025-03-31
4.1
CVSS
MEDIUM
CVE-2023-30959
pub. 2023-09-27
2.5
CVSS
LOW
CVE-2024-42184
pub. 2025-01-23