Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-43785 Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal 5.4AIMediumAI2025-09-10
CVE-2025-59035 Indico vulnerable to Cross-Site Scripting via LaTeX math code — indico 4.6 Medium2025-09-10
CVE-2025-8681 Pega Platform versions 7.1.0 to Infinity 24.2.2 are affected by a Stored XSS issue in a user interface component — Pega Infinity 5.5 Medium2025-09-10
CVE-2025-40725 Reflected Cross-Site Scripting (XSS) in Azon Dominator — Azon Dominator PHP script 6.1AIMediumAI2025-09-10
CVE-2025-10126 MyBrain Utilities <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting — MyBrain Utilities 6.4 Medium2025-09-10
CVE-2025-9857 Heateor Login – Social Login Plugin <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — Heateor Login – Social Login Plugin 6.4 Medium2025-09-10
CVE-2025-9367 Welcart e-Commerce <= 2.11.20 - Authenticated (Editor+) Stored Cross-Site Scripting — Welcart e-Commerce 5.5 Medium2025-09-10
CVE-2025-8388 PowerPack Lite for Elementor <= 2.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting Via 'cursor_url' — PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) 6.4 Medium2025-09-10
CVE-2025-49461 Zoom Workplace Clients - Cross-site Scripting — Zoom Workplace Clients 4.3 Medium2025-09-09
CVE-2025-7746 Schneider Electric ATV Series 跨站脚本漏洞 — ATV630/650/660/680/6A0/6B0/6L0 Altivar Process Drives 6.1AIMediumAI2025-09-09
CVE-2025-34178 Netgate pfSense CE Suricata package v7.0.8_2 Stored Cross-Site Scripting — pfSense CE 5.4AIMediumAI2025-09-09
CVE-2025-34177 Netgate pfSense CE Suricata package v7.0.8_2 Stored Cross-Site Scripting — pfSense CE 5.4AIMediumAI2025-09-09
CVE-2025-58765 wabac.js has XSS vulnerability in 404 error handling logic — wabac.js 7.1 High2025-09-09
CVE-2025-34175 Netgate pfSense CE Suricata package v7.0.8_2 Reflected Cross-Site Scripting — pfSense CE 6.1AIMediumAI2025-09-09
CVE-2025-34174 Netgate pfSense CE Status_Traffic_Totals Package v2.3.2_7 Stored Cross-Site Scripting — pfSense CE 5.4AIMediumAI2025-09-09
CVE-2025-34172 Netgate pfSense CE HAProxy Package 0.63_10 Reflected Cross-Site Scripting — pfSense CE 6.1AIMediumAI2025-09-09
CVE-2025-36125 IBM Hardware Management Console - Power Systems cross-site scripting — Hardware Management Console 6.4 Medium2025-09-09
CVE-2025-55054 Baicells EG7035E-M11 跨站脚本漏洞 — EG7035E-M11 6.1 Medium2025-09-09
CVE-2025-43786 Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal 5.3AIMediumAI2025-09-09
CVE-2025-43781 Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal 6.1AIMediumAI2025-09-09
CVE-2025-43775 Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal 6.1AIMediumAI2025-09-09
CVE-2025-54252 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience Manager 5.4 Medium2025-09-09
CVE-2025-58982 WordPress Pixeline's Email Protector Plugin <= 1.3.8 - Cross Site Scripting (XSS) Vulnerability — Pixeline's Email Protector 5.9 Medium2025-09-09
CVE-2025-58983 WordPress Include Me Plugin <= 1.3.2 - Cross Site Scripting (XSS) Vulnerability — Include Me 5.9 Medium2025-09-09
CVE-2025-58984 WordPress Welcart e-Commerce Plugin <= 2.11.20 - Cross Site Scripting (XSS) Vulnerability — Welcart e-Commerce 5.9 Medium2025-09-09
CVE-2025-58985 WordPress Additional Custom Product Tabs for WooCommerce Plugin <= 1.7.3 - Cross Site Scripting (XSS) Vulnerability — Additional Custom Product Tabs for WooCommerce 6.5 Medium2025-09-09
CVE-2025-58987 WordPress Football Pool Plugin <= 2.12.6 - Cross Site Scripting (XSS) Vulnerability — Football Pool 6.5 Medium2025-09-09
CVE-2025-58988 WordPress My Tickets Plugin <= 2.0.22 - Cross Site Scripting (XSS) Vulnerability — My Tickets 6.5 Medium2025-09-09
CVE-2025-58989 WordPress Dynamic Text Field For Contact Form 7 Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability — Dynamic Text Field For Contact Form 7 6.5 Medium2025-09-09
CVE-2025-58990 WordPress ShopLentor Plugin <= 3.2.0 - Cross Site Scripting (XSS) Vulnerability — ShopLentor 6.5 Medium2025-09-09

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.