Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21547

21547 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-27431 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server Java — SAP NetWeaver Application Server Java 5.4 Medium2025-03-11
CVE-2025-26659 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) — SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) 6.1 Medium2025-03-11
CVE-2025-25245 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) — SAP BusinessObjects Business Intelligence Platform (Web Intelligence) 5.4 Medium2025-03-11
CVE-2025-25242 Cross-Site Scripting (XSS) in SAP NetWeaver Application Server ABAP — SAP NetWeaver Application Server ABAP 6.1 Medium2025-03-11
CVE-2025-0062 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) — SAP BusinessObjects Business Intelligence Platform 4.7 Medium2025-03-11
CVE-2024-52812 LF Edge eKuiper has Stored XSS in Rules Functionality — ekuiper 5.4 Medium2025-03-10
CVE-2024-13919 Laravel Reflected XSS via Route Parameter in Debug-Mode Error Page — Laravel Framework 8.0 High2025-03-10
CVE-2024-13918 Laravel Reflected XSS via Request Parameter in Debug-Mode Error Page — Laravel Framework 8.0 High2025-03-10
CVE-2025-2150 HGiga C&Cm@il - Stored Cross-Site Scripting — C&Cm@il 5.4 Medium2025-03-10
CVE-2025-27924 Nintex Automation 跨站脚本漏洞 — Automation 5.4 Medium2025-03-10
CVE-2025-2133 ftcms edit cross site scripting — ftcms 2.4 Low2025-03-09
CVE-2025-2131 dayrui XunRuiCMS Friendly Links cross site scripting — XunRuiCMS 2.4 Low2025-03-09
CVE-2025-2130 OpenXE Ticket Bearbeiten Page cross site scripting — OpenXE 3.5 Low2025-03-09
CVE-2025-2127 JoomlaUX JUX Real Estate realties cross site scripting — JUX Real Estate 4.3 Medium2025-03-09
CVE-2025-2124 Control iD RH iD API change_password cross site scripting — RH iD 3.5 Low2025-03-09
CVE-2025-2123 GeSHi CSS cssgen.php get_var cross site scripting — GeSHi 3.5 Low2025-03-09
CVE-2024-13675 SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) <= 1.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) 6.4 Medium2025-03-08
CVE-2025-1664 Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns 6.4 Medium2025-03-08
CVE-2024-13649 140+ Widgets | Xpro Addons For Elementor – FREE <= 1.4.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — Xpro Addons — 140+ Widgets for Elementor 6.4 Medium2025-03-08
CVE-2025-1783 Gallery Styles <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Gallery Styles 6.4 Medium2025-03-08
CVE-2025-1324 WP-Recall – Registration, Profile, Commerce & More <= 16.26.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — WP-Recall – Registration, Profile, Commerce & More 6.4 Medium2025-03-08
CVE-2025-1287 The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 6.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce 6.4 Medium2025-03-08
CVE-2024-12119 FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.29 - Authenticated (Custom+) Stored Cross-Site Scripting via Album Title Size — Gallery by FooGallery 6.4 Medium2025-03-08
CVE-2024-12460 Years Since – Timeless <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Years Since – Timeless Texts 6.4 Medium2025-03-08
CVE-2025-1261 HT Mega – Absolute Addons For Elementor <= 2.8.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Countdown Widget — HT Mega Addons for Elementor – Elementor Widgets & Template Builder 6.4 Medium2025-03-08
CVE-2025-27518 Cognita CORS misconfiguration in backend API server — cognita 8.1 -2025-03-07
CVE-2025-2087 StarSea99 starsea-mall update cross site scripting — starsea-mall 3.5 Low2025-03-07
CVE-2025-2086 StarSea99 starsea-mall update cross site scripting — starsea-mall 3.5 Low2025-03-07
CVE-2025-2085 StarSea99 starsea-mall save cross site scripting — starsea-mall 3.5 Low2025-03-07
CVE-2025-2084 PHPGurukul Human Metapneumovirus Testing Management System Search Report Page search-report.php cross site scripting — Human Metapneumovirus Testing Management System 3.5 Low2025-03-07

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21547 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.