Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21547

21547 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-1957 code-projects Blood Bank System o+.php cross site scripting — Blood Bank System 3.5 Low2025-03-04
CVE-2025-1955 code-projects Online Class and Exam Scheduling System profile.php cross site scripting — Online Class and Exam Scheduling System 3.5 Low2025-03-04
CVE-2025-1949 ZZCMS URL register_nodb.php cross site scripting — ZZCMS 4.3 Medium2025-03-04
CVE-2025-27156 Tuleap allows content injection via emails sent by the mass emailing features — tuleap 4.1 Medium2025-03-04
CVE-2025-27155 In-memory stored Cross-site scripting (XSS) vulnerability in pineconesim — pinecone 6.1 Medium2025-03-04
CVE-2025-0370 WP Shortcodes Plugin — Shortcodes Ultimate <= 7.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via src Parameter — WP Shortcodes Plugin — Shortcodes Ultimate 6.4 Medium2025-03-04
CVE-2025-0433 Master Addons <= 2.0.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter — Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits 6.4 Medium2025-03-04
CVE-2024-9618 Master Addons <= 2.0.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits 6.4 Medium2025-03-04
CVE-2025-0512 Structured Content (JSON-LD) #wpsc <= 1.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via sc_fs_local_business Shortcode — Structured Content (JSON-LD) #wpsc 6.4 Medium2025-03-04
CVE-2025-1905 SourceCodester Employee Management System employee.php cross site scripting — Employee Management System 3.5 Low2025-03-04
CVE-2025-1904 code-projects Blood Bank System A+.php cross site scripting — Blood Bank System 3.5 Low2025-03-04
CVE-2025-1892 shishuocms Directory Deletion Page add.json cross site scripting — shishuocms 2.4 Low2025-03-04
CVE-2024-51963 Stored XSS in ArcGIS Server Manager — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51960 Stored XSS in ArcGIS Server Administrator Directory — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51959 Stored XSS issue in Server Admin API — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51957 Stored XSS vulnerability in ArcGIS Rest Services Directory — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51956 Stored XSS vulnerability in ArcGIS Server Administrator Directory — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51953 Stored XSS in ArcGIS Server Rest services — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51952 Stored XSS issue in ArcGIS Server — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51951 Stored XSS in Server Admin API — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51950 Stored XSS in Server Admin under Services > lifecycleinfos — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51949 Stored XSS vulnerability in Rest Services under OGCFeature Service and Map Service — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51948 Stored XSS vulnerability in Rest Services under Job ID — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51947 Stored XSS vulnerability in Rest Services under Layer name — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51946 Stored XSS in Rest Services Directory under Identify operation — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51945 Stored XSS issues in Server Admin API — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51944 Stored XSS in Rest Services Directory — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-51942 Stored XSS vulnerability in Rest Admin API under Hosted Feature Services page — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-10904 Stored XSS in Server Admin API — ArcGIS Server 4.8 Medium2025-03-03
CVE-2024-5888 Stored XSS in Rest Services API for a Toolbox published as GP Service — ArcGIS Server 4.8 Medium2025-03-03

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21547 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.