Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535

21535 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-48113 WordPress Broadstreet plugin <= 1.51.2 - Cross Site Scripting (XSS) vulnerability — Broadstreet Ads 6.5 Medium2025-05-16
CVE-2025-48080 WordPress Uncanny Toolkit for LearnDash plugin <= 3.7.0.2 - Cross Site Scripting (XSS) Vulnerability — Uncanny Toolkit for LearnDash 6.5 Medium2025-05-16
CVE-2025-48112 WordPress Dot html,php,xml etc pages plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Dot html,php,xml etc pages 7.1 High2025-05-16
CVE-2025-40632 Cross-site scripting (XSS) vulnerability in IceWarp Mail Server — Icewarp Mail Server 6.1AIMediumAI2025-05-16
CVE-2025-4745 code-projects Employee Record System current_employees.php cross site scripting — Employee Record System 3.5 Low2025-05-16
CVE-2025-4744 code-projects Employee Record System edit_employee.php cross site scripting — Employee Record System 3.5 Low2025-05-16
CVE-2025-4169 Posts per Cat [Unmaintained] <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Posts per Cat 6.4 Medium2025-05-16
CVE-2025-47929 DumbDrop vulnerable to DOM XSS via file upload — DumbDrop 6.1AIMediumAI2025-05-15
CVE-2025-47786 Emlog vulnerable to Stored Cross-site Scripting — emlog 5.4AIMediumAI2025-05-15
CVE-2025-1647 XSS in Bootstrap title attribute for Tooltip and Popover — Bootstrap 5.6 Medium2025-05-15
CVE-2025-3440 IBM Security Guardium cross-site scripting — Security Guardium 5.5 Medium2025-05-15
CVE-2025-4591 Weluka Lite <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — Weluka Lite 6.4 Medium2025-05-15
CVE-2025-4589 Bon Toolkit <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Bon Toolkit 6.4 Medium2025-05-15
CVE-2025-4579 WP Content Security Plugin <= 2.3 - Unauthenticated Stored Cross-Site Scripting via CSP-Report Fields — WP Content Security Plugin 7.2 High2025-05-15
CVE-2025-48051 lila 安全漏洞 — Lila 4.7 Medium2025-05-15
CVE-2025-47783 label-studio vulnerable to Cross-Site Scripting (Reflected) via the label_config parameter. — label-studio 8.2AIHighAI2025-05-14
CVE-2025-33104 IBM WebSphere Application Server cross — WebSphere Application Server 4.4 Medium2025-05-14
CVE-2025-0133 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal — Cloud NGFW 6.1AIMediumAI2025-05-14
CVE-2025-46786 Zoom Workplace Apps - Cross-site Scripting — Zoom Workplace Apps 4.3 Medium2025-05-14
CVE-2025-30664 Zoom Workplace Apps - Cross-site Scripting — Zoom Workplace Apps 6.6 Medium2025-05-14
CVE-2025-47705 IFrame Remove Filter - Moderately critical - Cross site scripting - SA-CONTRIB-2025-051 — IFrame Remove Filter 6.1AIMediumAI2025-05-14
CVE-2025-47704 Klaro Cookie & Consent Management - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-050 — Klaro Cookie & Consent Management 6.1AIMediumAI2025-05-14
CVE-2025-47703 COOKiES Consent Management - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-049 — COOKiES Consent Management 6.1AIMediumAI2025-05-14
CVE-2025-47702 oEmbed Providers - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-048 — oEmbed Providers 6.1AIMediumAI2025-05-14
CVE-2024-56157 iTop vulnerable to Self XSS in CSV Import — iTop 6.3 Medium2025-05-14
CVE-2024-10865 Reflected Cross-Site Scripting vulnerability in OpenText Advanced Authentication — Advance Authentication 6.1AIMediumAI2025-05-14
CVE-2024-52290 Stored XSS in Configuration Key Functionality — ekuiper 6.3 Medium2025-05-14
CVE-2025-30315 Adobe Connect | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Connect 6.1 Medium2025-05-13
CVE-2025-30316 Adobe Connect | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Connect 5.4 Medium2025-05-13
CVE-2025-30314 Adobe Connect | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Connect 6.1 Medium2025-05-13

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21535 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.