Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-52612 SolarWinds Platform Reflected Cross-Site Scripting Vulnerability — SolarWinds Platform 6.8 Medium2025-02-11
CVE-2025-1174 1000 Projects Bookstore Management System Add Book Page process_book_add.php cross site scripting — Bookstore Management System 2.4 Low2025-02-11
CVE-2024-12599 HT Mega – Absolute Addons For Elementor <= 2.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget — HT Mega Addons for Elementor – Elementor Widgets & Template Builder 6.4 Medium2025-02-11
CVE-2025-1171 code-projects Real Estate Property Management System CustomerReport.php cross site scripting — Real Estate Property Management System 3.5 Low2025-02-11
CVE-2025-1145 NetVision Information ISOinsight - Reflected Cross-site Scripting — ISOinsight 6.1 Medium2025-02-11
CVE-2025-1170 code-projects Real Estate Property Management System Category.php cross site scripting — Real Estate Property Management System 3.5 Low2025-02-11
CVE-2025-1169 SourceCodester Image Compressor Tool compressor.php cross site scripting — Image Compressor Tool 3.5 Low2025-02-11
CVE-2025-24867 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence platform (BI Launchpad) — SAP BusinessObjects Platform (BI Launchpad) 6.1 Medium2025-02-11
CVE-2025-0054 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server Java — SAP NetWeaver Application Server Java 5.4 Medium2025-02-11
CVE-2025-25190 [XBOW-025-033] Cross-Site Scripting (XSS) via EchoProcess Service in ZOO-Project WPS Server — ZOO-Project 6.1 -2025-02-10
CVE-2025-25189 [XBOW-025-031] Reflected Cross-Site Scripting via jobid Parameter in ZOO-Project WPS publish.py CGI Script — ZOO-Project 6.1 -2025-02-10
CVE-2025-1159 CampCodes School Management Software academic-calendar cross site scripting — School Management Software 3.5 Low2025-02-10
CVE-2025-1155 Webkul QloApps Your Location Search stores cross site scripting — QloApps 4.3 Medium2025-02-10
CVE-2024-13010 WP Foodbakery <= 4.8 - Reflected Cross-Site Scripting — WP Foodbakery 6.1 Medium2025-02-10
CVE-2025-24892 OpenProject stored HTML injection vulnerability — openproject 3.5 Low2025-02-10
CVE-2024-11831 Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript 5.4 Medium2025-02-10
CVE-2025-1175 Cross-Site Scripting (XSS) vulnerability in Kelio Visio — Kelio Visio 1 6.1 Medium2025-02-10
CVE-2025-25247 Apache Felix Webconsole: XSS in services console — Apache Felix Webconsole 6.1 -2025-02-10
CVE-2025-0169 DWT - Directory & Listing WordPress Theme <=3.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — DWT - Directory & Listing WordPress Theme 6.4 Medium2025-02-08
CVE-2024-13850 Simple add pages or posts <= 2.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting — Simple add pages or posts 5.5 Medium2025-02-08
CVE-2025-25187 Cross-site Scripting in Goto Anything allows arbitrary code execution in Joplin — joplin 7.8 High2025-02-07
CVE-2025-1114 newbee-mall Add Category Page save cross site scripting — newbee-mall 3.5 Low2025-02-07
CVE-2025-24028 Cross-site Scripting (XSS) in Rich Text Editor allows arbitrary code execution in Joplin — joplin 7.8 High2025-02-07
CVE-2025-1105 SiberianCMS HTTP GET Request flat cross site scripting — SiberianCMS 4.3 Medium2025-02-07
CVE-2024-10383 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab VSCode Fork — GitLab VSCode Fork 8.7 High2025-02-07
CVE-2025-25159 WordPress WP doodlez plugin <= 1.0.10 - Cross Site Scripting (XSS) vulnerability — WP doodlez 7.1 High2025-02-07
CVE-2025-25144 WordPress Theasys plugin <= 1.0.1 - CSRF to Stored XSS vulnerability — Theasys 7.1 High2025-02-07
CVE-2025-25136 WordPress Optimate Ads plugin <= 1.0.3 - Cross-Site Scripting (XSS) vulnerability — Optimate Ads 6.5 Medium2025-02-07
CVE-2025-25117 WordPress Smart Countdown FX plugin <= 1.5.5 - Cross Site Scripting (XSS) vulnerability — Smart Countdown FX 6.5 Medium2025-02-07
CVE-2025-25105 WordPress Pop Up Plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability — Pop Up 5.9 Medium2025-02-07

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.