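CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) — Vulnerability Class 21532

21532 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)). AI Chinese analysis included.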

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-42962 | Cross-Site Scripting (XSS) vulnerability in SAP Business Warehouse (Business Explorer Web 3.5 loading animation) — SAP Business Warehouse (Business Explorer Web 3.5 loading animation) | 6.1 | Medium | 2025-07-08 |
| CVE-2025-7153 | CodeAstro Simple Hospital Management System POST Parameter doctor.html cross site scripting — Simple Hospital Management System | 3.5 | Low | 2025-07-08 |
| CVE-2025-7148 | CodeAstro Simple Hospital Management System POST Parameter patient.html cross site scripting — Simple Hospital Management System | 3.5 | Low | 2025-07-07 |
| CVE-2025-7144 | SourceCodester Best Salon Management System Admin Profile Page admin-profile.php cross site scripting — Best Salon Management System | 2.4 | Low | 2025-07-07 |
| CVE-2025-7143 | SourceCodester Best Salon Management System Update Tax Page edit-tax.php cross site scripting — Best Salon Management System | 2.4 | Low | 2025-07-07 |
| CVE-2025-53543 | Kestra allows Stored XSS before 0.22 — kestra | 4.2 | Medium | 2025-07-07 |
| CVE-2025-7142 | SourceCodester Best Salon Management System search-appointment.php cross site scripting — Best Salon Management System | 2.4 | Low | 2025-07-07 |
| CVE-2025-53496 | Stored XSS in MediaSearch — Mediawiki - MediaSearch Extension | 6.1 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2025-7141 | SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting — Best Salon Management System | 2.4 | Low | 2025-07-07 |
| CVE-2025-53488 | Stored XSS in WikiHiero — Mediawiki - WikiHiero Extension | 5.4 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2025-7140 | SourceCodester Best Salon Management System Update Staff Page edit-staff.php cross site scripting — Best Salon Management System | 2.4 | Low | 2025-07-07 |
| CVE-2025-53478 | CheckUser: Reflected Cross-Site Scripting (XSS) in Special:Investigate via unsanitized i18n messages — Mediawiki - CheckUser extension | 6.1 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2025-7139 | SourceCodester Best Salon Management System Update Customer Details Page edit-customer-detailed.php cross site scripting — Best Salon Management System | 2.4 | Low | 2025-07-07 |
| CVE-2025-53526 | WeGIA allows Stored XSS attacks in novo_memorando.php — WeGIA | 6.1 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2025-53525 | WebGia allows Cross-Site Scripting (XSS) in profile_familiar.php via the id_dependente parameter — WeGIA | 6.1 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2025-53497 | Stored XSS in RelatedArticles — Mediawiki - RelatedArticles Extension | 5.4 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2025-53377 | WebGia allows Cross-Site Scripting (XSS) in cadastro_dependente_pessoa_nova.php via the id_funcionario parameter — WeGIA | 6.1 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2025-53491 | XSS in FlaggedRevs — Mediawiki - FlaggedRevs Extension | 6.1 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2025-53487 | ApprovedRevs: Stored Cross-Site Scripting (XSS) via unsanitized system messages — Mediawiki - ApprovedRevs extension | 5.4 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2025-7057 | Stored XSS in Quiz — Mediawiki - Quiz Extension | 6.1 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2025-53486 | WikiCategoryTagCloud: Reflected Cross-Site Scripting (XSS) via linkstyle attribute in parser function — Mediawiki - WikiCategoryTagCloud extension | 6.1 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2025-7056 | Stored XSS in UrlShortener — Mediawiki - UrlShortener Extension | 6.1 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2025-3467 | XSS Vulnerability in langgenius/dify — langgenius/dify | 6.1 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2024-43334 | WordPress Zilom theme < 1.4.5 - Cross Site Scripting (XSS) vulnerability — Zilom | 7.1 | High | 2025-07-07 |
| CVE-2025-4779 | Stored Cross-site Scripting (XSS) in lunary-ai/lunary — lunary-ai/lunary | 6.1 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2025-7113 | Portabilis i-Educar Curricular Components Module edit cross site scripting — i-Educar | 3.5 | Low | 2025-07-07 |
| CVE-2025-7112 | Portabilis i-Educar Function Management Module educar_funcao_det.php cross site scripting — i-Educar | 3.5 | Low | 2025-07-07 |
| CVE-2025-7111 | Portabilis i-Educar Course Module educar_curso_det.php cross site scripting — i-Educar | 3.5 | Low | 2025-07-07 |
| CVE-2025-7110 | Portabilis i-Educar School Module educar_escola_lst.php cross site scripting — i-Educar | 3.5 | Low | 2025-07-07 |
| CVE-2025-7109 | Portabilis i-Educar Student Benefits Registration educar_aluno_beneficio_lst.php cross site scripting — i-Educar | 3.5 | Low | 2025-07-07 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) represent 21532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.