Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-10642 wangchenyi1996 chat_forum q.php cross site scripting — chat_forum 3.5 Low2025-09-18
CVE-2025-10632 itsourcecode Online Petshop Management System Admin Dashboard availableframe.php cross site scripting — Online Petshop Management System 3.5 Low2025-09-18
CVE-2025-10631 itsourcecode Online Petshop Management System Available Products addcnp.php cross site scripting — Online Petshop Management System 3.5 Low2025-09-18
CVE-2025-59415 Frappe Learning vulnerable to Malicious Content upload via Profile bio field — lms 4.6 Medium2025-09-17
CVE-2025-10614 itsourcecode E-Logbook with Health Monitoring System for COVID-19 print_reports_prev.php cross site scripting — E-Logbook with Health Monitoring System for COVID-19 4.3 Medium2025-09-17
CVE-2025-10606 Portabilis i-Educar ConfiguracaoMovimentoGeral cross site scripting — i-Educar 4.3 Medium2025-09-17
CVE-2025-10605 Portabilis i-Educar agenda_preferencias.php cross site scripting — i-Educar 4.3 Medium2025-09-17
CVE-2025-0879 XSS in Shopside Software's Shopside App — Shopside App 4.7 Medium2025-09-17
CVE-2025-0546 XSS in Mevzuattr Software's MevzuatTR — MevzuatTR 4.7 Medium2025-09-17
CVE-2025-8411 XSS in Dokuzsoft Technology's E-Commerce Web Design Product — E-Commerce Web Design Product 7.1 High2025-09-17
CVE-2025-10591 Portabilis i-Educar Editar Função educar_funcao_cad.php cross site scripting — i-Educar 3.5 Low2025-09-17
CVE-2025-10590 Portabilis i-Educar educar_usuario_det.php cross site scripting — i-Educar 4.3 Medium2025-09-17
CVE-2025-0420 XSS in Mikrogrup's Paraşüt — Paraşüt 4.7 Medium2025-09-17
CVE-2025-0419 XSS in Mikrogrup's Zirve Nova — Zirve Nova 4.7 Medium2025-09-17
CVE-2025-9565 Blocksy Companion <= 2.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via blocksy_newsletter_subscribe Shortcode — Blocksy Companion 6.4 Medium2025-09-17
CVE-2025-9203 Media Player Addons for Elementor <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widget Fields — Media Player Addons for Elementor – Audio and Video Widgets for Elementor 6.4 Medium2025-09-17
CVE-2025-10584 Portabilis i-Educar educar_calendario_anotacao_cad.php cross site scripting — i-Educar 3.5 Low2025-09-17
CVE-2025-8153 NEC UNIVERGE IX 安全漏洞 — UNIVERGE IX 6.1AIMediumAI2025-09-17
CVE-2025-9851 Appointmind <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Appointmind 6.4 Medium2025-09-17
CVE-2025-8394 Productive Style <= 1.1.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via display_productive_breadcrumb Shortcode — Productive Style – Optimisations & Content Publishing Support 6.4 Medium2025-09-17
CVE-2025-10166 Social Media Shortcodes <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Social Media Shortcodes 6.4 Medium2025-09-17
CVE-2025-43804 Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal 6.1AIMediumAI2025-09-16
CVE-2025-10566 Campcodes Grocery Sales and Inventory System index.php cross site scripting — Grocery Sales and Inventory System 4.3 Medium2025-09-16
CVE-2025-58174 LAM profile editor stored cross-site scripting vulnerability — lam 4.6 Medium2025-09-16
CVE-2025-8276 HTML Injection in Patika Global Technologies' HumanSuite — HumanSuite 4.3 Medium2025-09-16
CVE-2024-12796 Reflected XSS in Holistic IT, Consultancy Coop.'s Workcube ERP — Workcube ERP 5.3 Medium2025-09-16
CVE-2025-10546 Cross-Site Scripting (XSS) Vulnerability in PPC XPON ONT Wi-Fi Router — PPC XPON ONT (Optical Network Terminal) 2K15X 6.1AIMediumAI2025-09-16
CVE-2025-6575 XSS in Dolusoft's Omaspot — Omaspot 5.4 Medium2025-09-16
CVE-2025-10316 Cross-Site Scripting in extension "Form to Database" (form_to_database) — Extension "Form to Database" (form_to_database) 6.1AIMediumAI2025-09-16
CVE-2025-2404 XSS in Ubit Information Technologies' STOYS — STOYS 4.3 Medium2025-09-16

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.