Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535

21535 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-46349 YesWiki Vulnerable to Unauthenticated Reflected Cross-site Scripting — yeswiki 7.6 High2025-04-29
CVE-2025-1551 IBM Operational Decision Manager cross-site scripting — Operational Decision Manager 6.1 Medium2025-04-29
CVE-2025-40616 Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy — Bookgy 6.1AIMediumAI2025-04-29
CVE-2025-40615 Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy — Bookgy 6.1AIMediumAI2025-04-29
CVE-2025-46346 YesWiki Vulnerable to Stored XSS in Comments — yeswiki 5.4AIMediumAI2025-04-29
CVE-2025-3929 Stored XSS vulnerability in MDaemon Email Server — Email Server 6.1AIMediumAI2025-04-29
CVE-2025-2893 Gutenverse <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via countdown Block — Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem 6.4 Medium2025-04-29
CVE-2025-46343 n8n Vulnerable to Stored XSS through Attachments View Endpoint — n8n 5.0 Medium2025-04-29
CVE-2025-46338 Audiobookshelf Vulnerable to Cross-Site-Scripting Reflected via POST Request in /api/upload — audiobookshelf 5.4AIMediumAI2025-04-29
CVE-2024-11922 Input Validation vulnerability in Web Client emails that do not go through Secure Mail — GoAnywhere MFT 6.3 Medium2025-04-28
CVE-2025-4011 Redmine Custom Query cross site scripting — Redmine 3.5 Low2025-04-28
CVE-2025-4000 Seeyon Zhiyuan OA Web Application System ssoproxy.jsp cross site scripting — Zhiyuan OA Web Application System 3.5 Low2025-04-28
CVE-2025-3999 Seeyon Zhiyuan OA Web Application System URL Parameter date.jsp cross site scripting — Zhiyuan OA Web Application System 3.5 Low2025-04-28
CVE-2025-3706 104 Corporation eHRMS - Reflected Cross-Site Scripting — eHRMS 6.1 Medium2025-04-28
CVE-2025-3996 TOTOLINK N150RT MAC Filtering Page home.htm cross site scripting — N150RT 2.4 Low2025-04-28
CVE-2025-3995 TOTOLINK N150RT LAN Settings Page fromStaticDHCP cross site scripting — N150RT 2.4 Low2025-04-28
CVE-2025-3994 TOTOLINK N150RT IP Port Filtering home.htm cross site scripting — N150RT 2.4 Low2025-04-28
CVE-2015-4582 WordPress plugin TheCartPress boot-store 安全漏洞 — boot-store 7.2 High2025-04-28
CVE-2025-3970 baseweb JSite save cross site scripting — JSite 3.5 Low2025-04-27
CVE-2025-3965 itwanger paicoding post cross site scripting — paicoding 3.5 Low2025-04-27
CVE-2024-52888 Stored-XSS — Check Point Mobile Access 5.4 Medium2025-04-27
CVE-2024-52887 Self-XSS — Check Point Mobile Access 3.5 Low2025-04-27
CVE-2025-3962 withstars Books-Management-System Comment add cross site scripting — Books-Management-System 3.5 Low2025-04-27
CVE-2025-3961 withstars Books-Management-System do cross site scripting — Books-Management-System 3.5 Low2025-04-27
CVE-2025-3958 withstars Books-Management-System Book Edit Page book_edit_do.html cross site scripting — Books-Management-System 3.5 Low2025-04-27
CVE-2025-46657 Karaz Karazal 安全漏洞 — Karazal 7.2 High2025-04-27
CVE-2025-46689 Ververica Platform 安全漏洞 — Ververica Platform 5.4 Medium2025-04-27
CVE-2025-1458 Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) <= 5.10.29 - Authenticated (Contributor+) Stored Cross-Site Scripting — Element Pack – Widgets, Templates & Addons for Elementor 6.4 Medium2025-04-26
CVE-2025-2069 Lenovo Filez 跨站脚本漏洞 — Client 5.0 Medium2025-04-25
CVE-2024-56156 Halo Vulnerable to Stored XSS and RCE via File Upload Bypass — halo 9.0 -2025-04-25

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21535 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.