CWE-83 is a common weakness enumeration in software security. This database tracks 9 CVE vulnerabilities classified under this weakness type.

How many CVEs are classified as CWE-83?

There are 9 CVE vulnerabilities classified as CWE-83 with an average CVSS score of 6.2857142857143.

What is the severity distribution for CWE-83?

CWE-83 contains 1 critical, 1 high, 6 medium, and 1 low severity vulnerabilities.

CWE-83

Total CVEs

Vulnerabilities

Avg CVSS v3

6.3

Medium

Avg CVSS v2

2.7

Low

Latest CVE

2025

Most Recent

Severity Distribution

Critical 1

11.1%

High 1

11.1%

Medium 6

66.7%

Low 1

11.1%

External References

MITRE CWE

Official CWE definition

NIST NVD

Search CVEs by CWE

All CVEs (9)

Page 1 of 1

CVE-2023-37908

CRITICAL

CVSS:9.6(Critical)

XWiki Rendering is a generic Rendering system that converts textual input in a given syntax into another syntax. The cleaning of attributes during XHTML rendering, introduced in version 14.6-rc-1, all...

CWE-832023

CVE-2024-26283

HIGH

CVSS:7.8(High)

An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme. This vulnerability affects Firefox for iOS < ...

CWE-832024

CVE-2024-9103

MEDIUM

CVSS:6.1(Medium)

Improper Neutralization of Script in Attributes in a Web Page vulnerability in Forcepoint Email Security (Blocked Messages module) allows Stored XSS. This issue affects Email Security through 8.5.5.

CWE-832024

CVE-2023-32070

MEDIUM

CVSS:6.1(Medium)

XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting (XSS) attacks via attrib...

CWE-832023

CVE-2023-30958

MEDIUM

CVSS:6.1(Medium)

A security defect was identified in Foundry Frontend that enabled users to potentially conduct DOM XSS attacks if Foundry's CSP were to be bypassed. This defect was resolved with the release of Foundr...

CWE-832023

CVE-2022-39262

MEDIUM

CVSS:4.8(Medium)

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package, GLPI administrator can define rich-text content to be displayed on login page. The dis...

CWE-832022

CVE-2020-14525

LOW

CVSS:3.5(Low)

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a webpage ...

CWE-832020

CVE-2025-0137

MEDIUM

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate anot...

CWE-832025

CVE-2025-0125

MEDIUM

CWE-832025