CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-13992	Nagios XI < 2024R1.1 XSS via Missing Page / 404 — XI	6.1	-	2025-10-31
CVE-2025-64367	WordPress Groundhogg plugin <= 4.2.6 - Cross Site Scripting (XSS) vulnerability — Groundhogg	6.5	Medium	2025-10-31
CVE-2025-64365	WordPress Ohio Extra plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability — Ohio Extra	6.5	Medium	2025-10-31
CVE-2025-64362	WordPress K Elements plugin < 5.5.0 - Cross Site Scripting (XSS) vulnerability — K Elements	6.5	Medium	2025-10-31
CVE-2025-64361	WordPress Consulting Elementor Widgets plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability — Consulting Elementor Widgets	6.5	Medium	2025-10-31
CVE-2025-64354	WordPress Gutenberg plugin <= 21.8.2 - Cross Site Scripting (XSS) vulnerability — Gutenberg	6.5	Medium	2025-10-31
CVE-2025-11806	Qzzr Shortcode Plugin <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Qzzr Shortcode Plugin	6.4	Medium	2025-10-31
CVE-2011-10037	Nagios XI < 2011R1.9 XSS via xiwindow Variables Affecting Permalinks — XI	6.1^AI	Medium^AI	2025-10-30
CVE-2021-47697	Nagios XI < 5.8.0 XSS via Views URL Handling — XI	6.1^AI	Medium^AI	2025-10-30
CVE-2018-25121	Nagios XI < 5.4.13 XSS via Views Page — XI	6.1^AI	Medium^AI	2025-10-30
CVE-2013-10074	Nagios XI < 2012R2.6 XSS via Tools Menu — XI	4.8^AI	Medium^AI	2025-10-30
CVE-2011-10040	Nagios XI < 2011R1.9 XSS via Status/Report Page Link Functions — XI	5.4^AI	Medium^AI	2025-10-30
CVE-2016-15051	Nagios XI < 5.2.4 XSS via Report startdate/enddate Fields — XI	5.4^AI	Medium^AI	2025-10-30
CVE-2011-10038	Nagios XI < 2011R1.9 XSS via Recurring Downtime Script — XI	6.1^AI	Medium^AI	2025-10-30
CVE-2021-47695	Nagios XI < 5.8.0 XSS via My Tools Page — XI	4.8^AI	Medium^AI	2025-10-30
CVE-2016-15053	Nagios XI < 5.2.4 XSS via “My Reports” Listing — XI	5.4^AI	Medium^AI	2025-10-30
CVE-2016-15052	Nagios XI < 5.2.4 XSS via Menu System — XI	4.8^AI	Medium^AI	2025-10-30
CVE-2020-36866	Nagios XI < 5.7.3 XSS via Manage Users in Admin Interface — XI	4.8^AI	Medium^AI	2025-10-30
CVE-2023-7316	Nagios XI < 2024R1 XSS via Graph Explorer — XI	6.1^AI	Medium^AI	2025-10-30
CVE-2023-7315	Nagios XI < 5.11.3 XSS via Graph Explorer — XI	6.1^AI	Medium^AI	2025-10-30
CVE-2024-14001	Nagios XI < 2024R1.1.3 XSS via Executive Summary Report — XI	5.4^AI	Medium^AI	2025-10-30
CVE-2020-36864	Nagios XI < 5.7.2 XSS via Dashboard Background Color Setting — XI	5.4^AI	Medium^AI	2025-10-30
CVE-2023-7318	Nagios XI < 2024R1.0.2 XSS via Core Command Expansion — XI	6.1^AI	Medium^AI	2025-10-30
CVE-2024-14000	Nagios XI < 2024R1.1.3 XSS via Capacity Planning Report — XI	5.4^AI	Medium^AI	2025-10-30
CVE-2023-7313	Nagios XI < 5.11.3 XSS via Bulk Modifications — XI	4.8^AI	Medium^AI	2025-10-30
CVE-2020-36865	Nagios XI < 5.7.2 XSS via BPI Config Management — XI	5.4^AI	Medium^AI	2025-10-30
CVE-2021-47696	Nagios XI < 5.8.0 XSS via BPI Config ID Handling — XI	4.8^AI	Medium^AI	2025-10-30
CVE-2023-7314	Nagios XI < 5.11.3 XSS via Bandwidth Report — XI	6.1^AI	Medium^AI	2025-10-30
CVE-2011-10036	Nagios XI < 2011R1.9 XSS via backend_url JavaScript Link Handler — XI	5.4^AI	Medium^AI	2025-10-30
CVE-2011-10039	Nagios XI < 2011R1.9 XSS via Alert Heatmap Report & “My Reports” Listing — XI	5.4^AI	Medium^AI	2025-10-30

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529