CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-57877	Reflected XSS vulnerability in Portal for ArcGIS. — Portal for ArcGIS	4.8	Medium	2025-09-29
CVE-2025-57876	Stored XSS vulnerability in Portal for ArcGIS — Portal for ArcGIS	4.8	Medium	2025-09-29
CVE-2025-36352	IBM License Metric Tool cross-site scripting — License Metric Tool	6.4	Medium	2025-09-29
CVE-2025-11147	Reflected Cross-site scripting (XSS) vulnerability in Apt-Cacher-NG — Apt-Cacher-NG	6.1^AI	Medium^AI	2025-09-29
CVE-2025-11146	Reflected Cross-site scripting (XSS) vulnerability in Apt-Cacher-NG — Apt-Cacher-NG	6.1^AI	Medium^AI	2025-09-29
CVE-2025-10346	HTML injection in Perfex CRM — Perfex CRM	5.4^AI	Medium^AI	2025-09-29
CVE-2025-10345	HTML injection in Perfex CRM — Perfex CRM	5.5^AI	Medium^AI	2025-09-29
CVE-2025-10344	HTML injection in Perfex CRM — Perfex CRM	6.4^AI	Medium^AI	2025-09-29
CVE-2025-10343	HTML injection in Perfex CRM — Perfex CRM	5.4^AI	Medium^AI	2025-09-29
CVE-2025-10342	HTML injection in Perfex CRM — Perfex CRM	5.4^AI	Medium^AI	2025-09-29
CVE-2025-10341	HTML injection in Perfex CRM — Perfex CRM	5.4^AI	Medium^AI	2025-09-29
CVE-2025-11137	Gstarsoft GstarCAD File Renaming cross site scripting — GstarCAD	3.5	Low	2025-09-29
CVE-2025-11134	Cudy TR1200 Wireless Settings config cross site scripting — TR1200	2.4	Low	2025-09-29
CVE-2025-11125	langleyfcu Online Banking System Error Message connection_error.php cross site scripting — Online Banking System	4.3	Medium	2025-09-28
CVE-2025-11124	code-projects Project Monitoring System postjob.php cross site scripting — Project Monitoring System	3.5	Low	2025-09-28
CVE-2025-11119	itsourcecode Hostel Management System POST Request index.php cross site scripting — Hostel Management System	4.3	Medium	2025-09-28
CVE-2025-11112	PHPGurukul Employee Record Management System myprofile.php cross site scripting — Employee Record Management System	4.3	Medium	2025-09-28
CVE-2025-11069	westboy CicadasCMS Add Department save cross site scripting — CicadasCMS	2.4	Low	2025-09-27
CVE-2025-11068	westboy CicadasCMS save cross site scripting — CicadasCMS	2.4	Low	2025-09-27
CVE-2025-11067	Projectworlds Visitor Management System Add Visitor myform.php cross site scripting — Visitor Management System	2.4	Low	2025-09-27
CVE-2025-9816	WP Statistics <= 14.5.4 - Unauthenticated Stored Cross-Site Scripting via User-Agent Header — WP Statistics – Simple, privacy-friendly Google Analytics alternative	7.2	High	2025-09-27
CVE-2025-8440	Team Members <= 5.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting — Team Members	6.4	Medium	2025-09-27
CVE-2025-36239	IBM Storage TS4500 Library cross-site scripting — Storage TS4500 Library	6.1	Medium	2025-09-27
CVE-2025-11027	givanz Vvveb SVG File cross site scripting — Vvveb	2.4	Low	2025-09-26
CVE-2025-11019	Total.js CMS Files Menu cross site scripting — CMS	2.4	Low	2025-09-26
CVE-2025-6396	XSS in Webbeyaz's web site — Website Software	6.1	Medium	2025-09-26
CVE-2025-9642	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLab	8.7	High	2025-09-26
CVE-2025-60186	WordPress Google+ Comments Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability — Google+ Comments	5.9	Medium	2025-09-26
CVE-2025-60185	WordPress kontur Admin Style Plugin <= 1.0.4 - Cross Site Scripting (XSS) Vulnerability — kontur Admin Style	5.9	Medium	2025-09-26
CVE-2025-60184	WordPress SEO Search Permalink Plugin <= 1.0.3 - Cross Site Scripting (XSS) Vulnerability — SEO Search Permalink	5.9	Medium	2025-09-26

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529