Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21531

21531 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-53287 Synology Router Manager 跨站脚本漏洞 — Synology Router Manager (SRM) 5.9 Medium2025-07-23
CVE-2025-5753 Valuation Calculator <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via link Parameter — Commercial Real Estate Valuation Calculator 6.4 Medium2025-07-23
CVE-2025-6261 Fleetwire Fleet Management Plugin <= 1.0.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via fleetwire_list Shortcode — Fleetwire Fleet Management 6.4 Medium2025-07-23
CVE-2025-43488 Poly Clariti Manager - Multiple Security Vulnerabilities — Poly Clariti Manager 6.1 -2025-07-22
CVE-2025-43486 Poly Clariti Manager - Multiple Security Vulnerabilities — Poly Clariti Manager 5.4 -2025-07-22
CVE-2025-43484 Poly Clariti Manager - Multiple Security Vulnerabilities — Poly Clariti Manager 6.1 -2025-07-22
CVE-2025-41425 DuraComm DP-10iN-100-MU Cross-site Scripting — SPM-500 DP-10iN-100-MU 8.1 High2025-07-22
CVE-2025-8015 Shortcodes Ultimate <= 7.4.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Title and Slide Link — WP Shortcodes Plugin — Shortcodes Ultimate 6.4 Medium2025-07-22
CVE-2025-4294 XSS in HotelRunner's B2B — B2B 4.8 Medium2025-07-22
CVE-2025-34141 ETQ Reliance CG < SE.2025.1 Reflected XSS in `SQLConverterServlet` — Reliance CG (legacy) 6.1 -2025-07-22
CVE-2025-4284 Reflected XSS in Rolantis Information Technologies' Agentis — Agentis 6.1 Medium2025-07-22
CVE-2025-7644 Pixel Gallery Addons for Elementor – Easy Grid, Creative Gallery, Drag and Drop Grid, Custom Grid Layout, Portfolio Gallery <= 1.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — Pixel Gallery Addons for Elementor – Easy Grid, Creative Gallery, Drag and Drop Grid, Custom Grid Layout, Portfolio Gallery 6.4 Medium2025-07-22
CVE-2025-7495 WP-Members <= 3.5.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — WP-Members Membership Plugin 6.4 Medium2025-07-22
CVE-2025-7951 code-projects Public Chat Room send_message.php cross site scripting — Public Chat Room 3.5 Low2025-07-22
CVE-2025-6831 User Registration <= 4.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via urcr_restrict Shortcode — User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder 6.4 Medium2025-07-22
CVE-2025-5240 CRM and Lead Management by vcita <= 2.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via type Parameter — CRM and Lead Management by vcita 6.4 Medium2025-07-22
CVE-2025-7946 PHPGurukul Apartment Visitors Management System HTTP POST Request search-visitor.php cross site scripting — Apartment Visitors Management System 4.3 Medium2025-07-22
CVE-2025-7944 PHPGurukul Taxi Stand Management System search.php cross site scripting — Taxi Stand Management System 4.3 Medium2025-07-21
CVE-2025-7943 PHPGurukul Taxi Stand Management System search-autoortaxi.php cross site scripting — Taxi Stand Management System 4.3 Medium2025-07-21
CVE-2025-7486 Ebook Store <= 5.8012 - Authenticated (Administrator+) Stored Cross-Site Scripting via Order Details — Ebook Store 4.4 Medium2025-07-21
CVE-2025-7942 PHPGurukul Taxi Stand Management System admin-profile.php cross site scripting — Taxi Stand Management System 3.5 Low2025-07-21
CVE-2025-7941 PHPGurukul Time Table Generator System profile.php cross site scripting — Time Table Generator System 3.5 Low2025-07-21
CVE-2025-54128 HAX CMS NodeJs's Disabled Content Security Policy Enables Cross-Site Scripting — issues 6.1 -2025-07-21
CVE-2025-53528 Cadwyn is vulnerable to an XSS attack through its docs page — cadwyn 7.6 High2025-07-21
CVE-2025-7716 Real-time SEO for Drupal - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-091 — Real-time SEO for Drupal 6.1 -2025-07-21
CVE-2025-7715 Block Attributes - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-090 — Block Attributes 6.1 -2025-07-21
CVE-2025-7392 Cookies Addons - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-087 — Cookies Addons 6.1 -2025-07-21
CVE-2025-6235 ExtremeControl (NAC) 'onmouseover' XSS — ExtremeControl 6.1 -2025-07-21
CVE-2025-7926 PHPGurukul Online Banquet Booking System booking-search.php cross site scripting — Online Banquet Booking System 3.5 Low2025-07-21
CVE-2025-7925 PHPGurukul Online Banquet Booking System login.php cross site scripting — Online Banquet Booking System 4.3 Medium2025-07-21

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.