Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21531

21531 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-3075 Elementor <= 3.29.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Elementor Website Builder – more than just a page builder 6.4 Medium2025-07-29
CVE-2025-7809 StreamWeasels Twitch Integration <= 1.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — StreamWeasels Twitch Integration 6.4 Medium2025-07-29
CVE-2025-7811 StreamWeasels YouTube Integration <= 1.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — StreamWeasels YouTube Integration 6.4 Medium2025-07-29
CVE-2025-7810 StreamWeasels Kick Integration <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — StreamWeasels Kick Integration 5.4 Medium2025-07-29
CVE-2025-54423 copyparty has a DOM-Based XSS vulnerability when displaying multimedia metadata — copyparty 5.4 Medium2025-07-28
CVE-2025-54299 Extension - nobossextensions.com - Stored XSS vulnerability in No Boss Testimonials component 1.0.0-3.0.0 and 4.0.0-4.0.2 for Joomla — No Boss Testimonials component for Joomla 6.1AIMediumAI2025-07-28
CVE-2025-54298 Extension - firecoders.com - Stored XSS vulnerability in CommentBox component 1.0.0-1.1.0 for Joomla — CommentBox component for Joomla 6.1AIMediumAI2025-07-28
CVE-2025-54534 JetBrains TeamCity 跨站脚本漏洞 — TeamCity 4.8 Medium2025-07-28
CVE-2025-32731 MedDream PACS Premium 跨站脚本漏洞 — MedDream PACS Premium 6.1 Medium2025-07-28
CVE-2025-40730 HTML injection in Vox Media's Chorus CMS — Chorus CMS 6.1AIMediumAI2025-07-28
CVE-2025-27802 Stored Cross-Site Scripting in Episerver Content Management System (CMS) Edit Preview — Episerver Content Management System (CMS) 4.8 Medium2025-07-28
CVE-2025-27801 Stored Cross-Site Scripting in Episerver Content Management System (CMS) Media Selection Preview — Episerver Content Management System (CMS) 4.8 Medium2025-07-28
CVE-2025-27800 Stored Cross-Site Scripting in Episerver Content Management System (CMS) Admin Dashboard — Episerver Content Management System (CMS) 4.8 Medium2025-07-28
CVE-2025-8222 jerryshensjf JPACookieShop 蛋糕商城JPA版 GoodsController.java cross site scripting — JPACookieShop 蛋糕商城JPA版 3.5 Low2025-07-27
CVE-2025-8221 jerryshensjf JPACookieShop 蛋糕商城JPA版 GoodsCustController.java goodsSearch cross site scripting — JPACookieShop 蛋糕商城JPA版 4.3 Medium2025-07-27
CVE-2025-54597 Heimdall 跨站脚本漏洞 — Heimdall 7.2 High2025-07-27
CVE-2025-8211 Roothub SystemConfigAdminController.java edit cross site scripting — Roothub 3.5 Low2025-07-26
CVE-2025-8206 Comodo Dragon IP DNS Leakage Detector cross site scripting — Dragon 3.1 Low2025-07-26
CVE-2025-8191 macrozheng mall Swagger UI index.html cross site scripting — mall 3.5 Low2025-07-26
CVE-2025-5529 Educenter <= 1.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Educenter 6.4 Medium2025-07-26
CVE-2025-6987 Advanced iFrame <= 2025.5 - Authenticated (Contributor+) Stored Cross-Site Scripting — Advanced iFrame 6.4 Medium2025-07-26
CVE-2025-7501 Wonder Slider Lite & Wonder Slider <= 14.4 - Authenticated (Contributor+) Dom-based Stored Cross-Site Scripting — Wonder Slider 6.4 Medium2025-07-26
CVE-2025-8167 code-projects Church Donation System edit_members.php cross site scripting — Church Donation System 3.5 Low2025-07-25
CVE-2022-4979 Sitecore XP 7.5 - 10.2, CMS 7.2, and Managed Cloud XSS — Experience Platform 4.8 -2025-07-25
CVE-2025-8155 D-Link DCS-6010L Management Application vb.htm cross site scripting — DCS-6010L 3.5 Low2025-07-25
CVE-2025-5254 Stored XSS in Kron Technologies' Kron PAM — Kron PAM 6.1 Medium2025-07-25
CVE-2023-53155 EmbedThis GoAhead 跨站脚本漏洞 — GoAhead 7.2 High2025-07-25
CVE-2025-3614 ElementsKit Elementor Addons and Templates <= 3.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Widget — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor 6.4 Medium2025-07-24
CVE-2025-8115 PHPGurukul Taxi Stand Management System new-autoortaxi-entry-form.php cross site scripting — Taxi Stand Management System 3.5 Low2025-07-24
CVE-2025-46993 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience Manager 5.4 Medium2025-07-24

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.