CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) — Vulnerability Class 21536

21536 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-31696 | RapiDoc OAS Field Formatter - Moderately critical - Cross site scripting - SA-CONTRIB-2025-025 — RapiDoc OAS Field Formatter | 6.1 | - | 2025-03-31 |
| CVE-2025-31695 | Link field display mode formatter - Moderately critical - Cross site scripting - SA-CONTRIB-2025-024 — Link field display mode formatter | 6.1 | - | 2025-03-31 |
| CVE-2025-31687 | SpamSpan filter - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-016 — SpamSpan filter | 6.1 | - | 2025-03-31 |
| CVE-2025-31682 | Google Tag - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-011 — Google Tag | 6.1 | - | 2025-03-31 |
| CVE-2025-31679 | Ignition Error Pages - Critical - Cross Site Scripting - SA-CONTRIB-2025-007 — Ignition Error Pages | 6.1 | - | 2025-03-31 |
| CVE-2025-31675 | Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2025-004 — Drupal core | 6.1 | - | 2025-03-31 |
| CVE-2025-3057 | Drupal core - Critical - Cross site scripting - SA-CORE-2025-001 — Drupal core | 6.1 | - | 2025-03-31 |
| CVE-2025-31128 | gifplayer XSS vulnerability — gifplayer | 6.1 | - | 2025-03-31 |
| CVE-2025-3005 | Sayski ForestBlog Friend Link cross site scripting — ForestBlog | 3.5 | Low | 2025-03-31 |
| CVE-2025-3004 | Sayski ForestBlog search cross site scripting — ForestBlog | 3.5 | Low | 2025-03-31 |
| CVE-2025-30006 | Xorcom CompletePBX <= 5.2.35 Reflected Cross-Site Scripting — CompletePBX | 6.1 | Medium | 2025-03-31 |
| CVE-2025-30223 | Beego allows Reflected/Stored XSS in Beego's RenderForm() Function Due to Unescaped User Input — beego | 9.3 | Critical | 2025-03-31 |
| CVE-2025-30149 | OpenEMR Reflected XSS in AJAX Script — openemr | 6.4 | Medium | 2025-03-31 |
| CVE-2025-29772 | OpenEMR allows Reflected XSS in CAMOS new.php — openemr | 6.1 | - | 2025-03-31 |
| CVE-2024-12021 | Stored Cross-Site Scripting — Coverity | 5.4 | - | 2025-03-31 |
| CVE-2025-31629 | WordPress Infusionsoft Web Form JavaScript plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability — Infusionsoft Web Form JavaScript | 6.5 | Medium | 2025-03-31 |
| CVE-2025-31627 | WordPress Media Library Assistant plugin <= 3.24 - Stored Cross Site Scripting (XSS) vulnerability — Media LIbrary Assistant | 5.9 | Medium | 2025-03-31 |
| CVE-2025-31625 | WordPress Useinfluence plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability — Useinfluence | 7.1 | High | 2025-03-31 |
| CVE-2025-31624 | WordPress Processing Projects plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability — Processing Projects | 6.5 | Medium | 2025-03-31 |
| CVE-2025-31620 | WordPress CoverManager plugin <= 0.0.1 - Cross Site Scripting (XSS) vulnerability — CoverManager | 6.5 | Medium | 2025-03-31 |
| CVE-2025-31621 | WordPress byBrick Accordion plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability — byBrick Accordion | 6.5 | Medium | 2025-03-31 |
| CVE-2025-31614 | WordPress Terms Before Download plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability — Terms Before Download | 6.5 | Medium | 2025-03-31 |
| CVE-2025-31615 | WordPress Simple Contact Forms plugin <= 1.6.4 - CSRF to Stored XSS vulnerability — Simple Contact Forms | 7.1 | High | 2025-03-31 |
| CVE-2025-31610 | WordPress Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability — Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme | 5.9 | Medium | 2025-03-31 |
| CVE-2025-31608 | WordPress CookieHint WP plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability — CookieHint WP | 6.5 | Medium | 2025-03-31 |
| CVE-2025-31607 | WordPress Simple-Audioplayer plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability — Simple-Audioplayer | 6.5 | Medium | 2025-03-31 |
| CVE-2025-31605 | WordPress Welcome Popup plugin <= 1.0.10 - Cross Site Scripting (XSS) vulnerability — Welcome Popup | 5.9 | Medium | 2025-03-31 |
| CVE-2025-31598 | WordPress Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin <= 4.0.3 - Stored Cross Site Scripting (XSS) vulnerability — Quantity Dynamic Pricing & Bulk Discounts for WooCommerce | 6.5 | Medium | 2025-03-31 |
| CVE-2025-31597 | WordPress Ultimate Live Cricket WordPress Lite plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability — Ultimate Live Cricket WordPress Lite | 6.5 | Medium | 2025-03-31 |
| CVE-2025-31593 | WordPress OpenMenu plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability — OpenMenu | 6.5 | Medium | 2025-03-31 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) represent 21536 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.