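CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)). AI Chinese analysis included.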

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-11332 | CmsEasy URL view.php cross site scripting — CmsEasy | 3.5 | Low | 2025-10-06 |
| CVE-2025-0609 | XSS in Logo Software's Logo Cloud — Logo Cloud | 4.7 | Medium | 2025-10-06 |
| CVE-2025-9913 | Cross Site Scripting: Session Hijacking — Baggage Analytics | 4.5 | Medium | 2025-10-06 |
| CVE-2025-29192 | Flowise security vulnerability — Flowise | 8.2 | High | 2025-10-06 |
| CVE-2025-50538 | Flowise security vulnerability — Flowise | 8.2 | High | 2025-10-06 |
| CVE-2025-11308 | Vanderlande Baggage 360 messages cross site scripting — Baggage 360 | 3.5 | Low | 2025-10-05 |
| CVE-2025-11306 | qianfox FoxCMS Search cross site scripting — FoxCMS | 4.3 | Medium | 2025-10-05 |
| CVE-2025-11291 | ixmaps website2017 HTTP GET Request map.php cross site scripting — website2017 | 4.3 | Medium | 2025-10-05 |
| CVE-2025-11289 | westboy CicadasCMS Template Management TemplateFileServiceImpl.java save cross site scripting — CicadasCMS | 2.4 | Low | 2025-10-05 |
| CVE-2025-11283 | Frappe LMS Course cross site scripting — LMS | 2.4 | Low | 2025-10-05 |
| CVE-2025-11282 | Frappe LMS Incomplete Fix CVE-2025-55006 cross site scripting — LMS | 2.4 | Low | 2025-10-05 |
| CVE-2025-11278 | AllStarLink Supermon AllMon2 cross site scripting — Supermon | 4.3 | Medium | 2025-10-05 |
| CVE-2025-11276 | Rebuild Comment/Guestbook cross site scripting — Rebuild | 3.5 | Low | 2025-10-05 |
| CVE-2025-10383 | Contest Gallery – Upload, Vote & Sell with PayPal and Stripe <= 27.0.2 - Authenticated (Author+) Stored Cross-Site Scripting — Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | 6.4 | Medium | 2025-10-04 |
| CVE-2025-9952 | Trinity Audio <= 5.20.2 - Reflected Cross-Site Scripting — Trinity Audio – Text to Speech AI audio player to convert content into audio | 6.1 | Medium | 2025-10-04 |
| CVE-2025-9030 | Majestic Before After Image <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Majestic Before After Image | 5.4 | Medium | 2025-10-04 |
| CVE-2025-8726 | WP Photo Album Plus <= 9.0.11.006 - Authenticated (Subscriber+) Stored Cross-Site Scripting via wppa_user_upload — WP Photo Album Plus | 5.4 | Medium | 2025-10-04 |
| CVE-2025-61681 | Kuno is Vulnerable to Stored XSS Attack via SVG File Upload — kuno | 5.4 | Medium | 2025-10-03 |
| CVE-2025-53354 | NiceGUI is vulnerable to Reflected XSS attack — nicegui | 6.1 | Medium | 2025-10-03 |
| CVE-2025-52653 | Cross Site Scripting vulnerability in the web application — HCL MyXalytics | 7.6 | High | 2025-10-03 |
| CVE-2025-0876 | XSS in Isin Basi Advertisement & IT's Workif — IT's Workif | 4.1 | Medium | 2025-10-03 |
| CVE-2025-10165 | AP Background <= 3.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — AP Background | 6.4 | Medium | 2025-10-03 |
| CVE-2025-9204 | X Addons for Elementor <= 1.0.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via Youtube Video ID Field — X Addons for Elementor | 6.4 | Medium | 2025-10-03 |
| CVE-2025-9129 | Flexi <= 4.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via flexi-form-tag Shortcode — Flexi – Guest Submit | 6.4 | Medium | 2025-10-03 |
| CVE-2025-9858 | Auto Bulb Finder for WordPress <= 2.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Auto Bulb Finder for WordPress | 6.4 | Medium | 2025-10-03 |
| CVE-2025-8776 | Epic Bootstrap Buttons <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via icol Parameter — Epic Bootstrap Buttons | 6.4 | Medium | 2025-10-03 |
| CVE-2025-9372 | Ultimate Multi Design Video Carousel <= 1.4 - Authenticated (Editor+) Stored Cross-Site Scripting — Ultimate Multi Design Video Carousel | 5.5 | Medium | 2025-10-03 |
| CVE-2025-9859 | Fintelligence Calculator <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — Fintelligence Calculator | 6.4 | Medium | 2025-10-03 |
| CVE-2025-10053 | TableGen – Data Table Generator <= 1.3.1 - Authenticated (Admin+) Stored Cross-Site Scripting — TableGen – Data Table Generator | 4.4 | Medium | 2025-10-03 |
| CVE-2025-9080 | Generic Elements <= 1.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting — Generic Elements | 6.4 | Medium | 2025-10-03 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.