CVEs classified under CWE-1022, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2022-1583 — CVSS 6.5 (medium): The External Links in New Window / New Tab WordPress plugin before 1.43 does not ensure window.opener is set to "null" when links to…
CVE-2020-36624 — CVSS 6.3 (medium): A vulnerability was found in ahorner text-helpers up to 1.0.x. It has been declared as critical. This vulnerability affects unknown code of…
CVE-2024-39727 — CVSS 6.1 (medium): IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link with untrusted references to an external…
CVE-2022-4927 — CVSS 5.5 (medium): A vulnerability was found in ualbertalib NEOSDiscovery 1.0.70 and classified as problematic. This issue affects some unknown processing of…
CVE-2025-33014 — CVSS 5.4 (medium): IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link with…
CVE-2022-2600 — CVSS 5.4 (medium): The Auto-hyperlink URLs WordPress plugin through 5.4.1 does not set rel="noopener noreferer" on generated links, which can lead to Tab…
CVE-2025-59842 — CVSS 4.3 (medium): jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to…
CVE-2018-25058 — CVSS 4.2 (medium): A vulnerability classified as problematic has been found in Twitter-Post-Fetcher up to 17.x. This affects an unknown part of the file…
CVE-2025-42941 — CVSS 3.5 (low): SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing vulnerability due to inadequate external navigation protections for its link…
CVE-2018-25089 — CVSS 3.5 (low): A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as problematic. This issue affects some unknown…