Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-5347 Stored XSS — ManageEngine Exchange Reporter Plus 6.3 Medium2025-10-30
CVE-2025-5343 Stored XSS — ManageEngine Exchange Reporter Plus 6.3 Medium2025-10-30
CVE-2025-10348 Stored Cross-Site Scripting in URVE Smart Office — URVE Smart Office 5.4AIMediumAI2025-10-30
CVE-2025-12475 Blocksy Companion <= 2.1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting — Blocksy Companion 6.4 Medium2025-10-30
CVE-2025-12083 CivicTheme Design System - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-113 — CivicTheme Design System 6.1AIMediumAI2025-10-29
CVE-2025-10931 Umami Analytics - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-109 — Umami Analytics 6.1AIMediumAI2025-10-29
CVE-2025-10927 Plausible tracking - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-107 — Plausible tracking 6.1AIMediumAI2025-10-29
CVE-2025-10926 JSON Field - Critical - Cross Site Scripting - SA-CONTRIB-2025-106 — JSON Field 6.1AIMediumAI2025-10-29
CVE-2025-54384 CKAN stored XSS vulnerability in Markdown description fields — ckan 6.3 Medium2025-10-29
CVE-2025-12450 LiteSpeed Cache <= 7.5.0.1 - Reflected Cross-Site Scripting — LiteSpeed Cache 6.1 Medium2025-10-29
CVE-2025-64291 WordPress Premmerce User Roles plugin <= 1.0.13 - Cross Site Scripting (XSS) vulnerability — Premmerce User Roles 5.9 Medium2025-10-29
CVE-2025-64289 WordPress Premmerce Product Search for WooCommerce plugin <= 2.2.5 - Cross Site Scripting (XSS) vulnerability — Premmerce Product Search for WooCommerce 5.9 Medium2025-10-29
CVE-2025-64220 WordPress Rey Core plugin <= 3.1.8 - Cross Site Scripting (XSS) vulnerability — Rey Core 6.5 Medium2025-10-29
CVE-2025-64208 WordPress Jannah - Extensions plugin <= 1.1.4 - Cross Site Scripting (XSS) vulnerability — Jannah - Extensions 6.5 Medium2025-10-29
CVE-2025-64204 WordPress SmartMag theme <= 10.3.1 - Cross Site Scripting (XSS) vulnerability — SmartMag 6.5 Medium2025-10-29
CVE-2025-64202 WordPress Sahifa theme < 5.8.6 - Cross Site Scripting (XSS) vulnerability — Sahifa 6.5 Medium2025-10-29
CVE-2025-64200 WordPress Email Template Customizer for WooCommerce plugin <= 1.2.17 - Cross Site Scripting (XSS) vulnerability — Email Template Customizer for WooCommerce 5.9 Medium2025-10-29
CVE-2025-64197 WordPress Rehub theme < 19.9.9.1 - Cross Site Scripting (XSS) vulnerability — Rehub 6.5 Medium2025-10-29
CVE-2025-64194 WordPress Eduma theme <= 5.7.6 - Cross Site Scripting (XSS) vulnerability — Eduma 6.5 Medium2025-10-29
CVE-2025-49042 WordPress WooCommerce plugin <= 10.0.2 - Cross Site Scripting (XSS) vulnerability — WooCommerce 5.9 Medium2025-10-29
CVE-2025-64094 DNN vulnerable to stored cross-site-scripting (XSS) via SVG upload — Dnn.Platform 6.4 Medium2025-10-28
CVE-2025-62800 FastMCP vulnerable to reflected XSS in client's callback page — fastmcp 6.1AIMediumAI2025-10-28
CVE-2025-62798 Sharp user-provided input can be evaluated in a SharpShowTextField with Vue template syntax — sharp 5.4 Medium2025-10-28
CVE-2025-62796 PrivateBin persistent HTML injection in attachment filename enables redirect and defacement — PrivateBin 5.8 Medium2025-10-28
CVE-2025-34307 IPFire < v2.29 Stored XSS via Default Country Search — IPFire 5.4AIMediumAI2025-10-28
CVE-2025-34306 IPFire < v2.29 Stored XSS via Default IP Search Value — IPFire 5.4AIMediumAI2025-10-28
CVE-2025-34308 IPFire < v2.29 Stored XSS via Default Time Sync — IPFire 5.4AIMediumAI2025-10-28
CVE-2025-34318 IPFire < v2.29 Stored XSS via DNS Creation (proxy.cgi) — IPFire 5.4AIMediumAI2025-10-28
CVE-2025-34317 IPFire < v2.29 Stored XSS via DNS Creation (dns.cgi) — IPFire 5.4AIMediumAI2025-10-28
CVE-2025-34309 IPFire < v2.29 Stored XSS via Dynamic DNS Host — IPFire 5.4AIMediumAI2025-10-28

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.