Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21531

21531 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-46996 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience Manager 5.4 Medium2025-07-24
CVE-2025-47061 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience Manager 5.4 Medium2025-07-24
CVE-2025-46410 WWBN AVideo 跨站脚本漏洞 — AVideo 9.6 Critical2025-07-24
CVE-2025-53084 多款产品跨站脚本漏洞 — AVideo 9.0 Critical2025-07-24
CVE-2025-50128 WWBN AVideo 跨站脚本漏洞 — AVideo 9.6 Critical2025-07-24
CVE-2025-36548 WWBN AVideo 跨站脚本漏洞 — AVideo 8.3 High2025-07-24
CVE-2025-41420 WWBN AVideo 跨站脚本漏洞 — AVideo 9.6 Critical2025-07-24
CVE-2025-7959 Station Pro <= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via width and height Parameters — Station Pro – Advanced Audio Streaming & Player for WordPress 6.4 Medium2025-07-24
CVE-2025-6588 FunnelCockpit <= 1.4.3 - Reflected Cross-Site Scripting via `error` Parameter — FunnelCockpit 6.1 Medium2025-07-24
CVE-2025-6382 Taeggie Feed <= 0.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via name Attribute — Taeggie Feed 6.4 Medium2025-07-24
CVE-2025-4608 Structured Content <= 1.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via sc_fs_local_business Shortcode — Structured Content (JSON-LD) #wpsc 6.4 Medium2025-07-24
CVE-2025-6539 Voltax Video Player <= 1.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter — Voltax Video Player 6.4 Medium2025-07-24
CVE-2025-3669 Supreme Addons for Beaver Builder <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via auto_qrcodesabb Shortcode — Supreme Addons for Beaver Builder – 6.4 Medium2025-07-24
CVE-2025-6262 muse.ai video embedding <= 0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via muse-ai Shortcode — skiv video embedding 6.4 Medium2025-07-24
CVE-2025-6387 WP Get The Table <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter — WP Get The Table 6.4 Medium2025-07-24
CVE-2025-6385 WP Applink <= 0.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via title Parameter — WP Applink 6.4 Medium2025-07-24
CVE-2025-7966 Get Youtube Subs <= 3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via subscribe_link_att Function — Get Youtube Subs 6.4 Medium2025-07-24
CVE-2025-8071 Mine CloudVod <= 2.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via audio Parameter — Mine CloudVod LMS 6.4 Medium2025-07-24
CVE-2025-5084 Post Grid Master <= 3.4.13 - Reflected Cross-Site Scripting via argsArray['read_more_text'] — Post Grid Master — Post Grids & AJAX Filters 6.1 Medium2025-07-24
CVE-2025-4968 WPBakery Page Builder <= 8.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Page Builder Elements — WPBakery Page Builder 6.4 Medium2025-07-24
CVE-2025-32019 Harbor's repository description page allows for XSS — harbor 4.1 Medium2025-07-23
CVE-2025-4439 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLab 7.7 High2025-07-23
CVE-2025-4700 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLab 8.7 High2025-07-23
CVE-2025-40598 SonicWall SMA 100 Series 跨站脚本漏洞 — SMA 100 Series 6.1 -2025-07-23
CVE-2025-4411 XSS in Dataprom Informatics' PACS-ACSS — PACS-ACSS 6.5 Medium2025-07-23
CVE-2025-54297 Extension - compojoom.com - Stored XSS vulnerability in CComment component 5.0.0-6.1.14 for Joomla — CComment component for Joomla 6.1 -2025-07-23
CVE-2025-54295 Extension - dj-extensions.com - Reflected XSS vulnerability in DJ-Reviews component 1.0-1.3.6 for Joomla — DJ-Reviews component for Joomla 6.1 -2025-07-23
CVE-2025-54296 Extension - mooj.org - Stored XSS vulnerability in ProFiles component 1.0-1.5.0 for Joomla — ProFiles component for Joomla 6.1 -2025-07-23
CVE-2025-27930 Stored XSS — Applications Manager 6.4 Medium2025-07-23
CVE-2024-53288 Synology Router Manager 跨站脚本漏洞 — Synology Router Manager (SRM) 5.9 Medium2025-07-23

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.