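CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) — Vulnerability Class 21499

21499 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')). AI Chinese analysis included.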

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1276 | IBM QRadar SIEM Cross-Site Scripting — QRadar SIEM | 5.4 | Medium | 2026-03-19 |
| CVE-2026-32728 | Parse Server has a stored XSS filter bypass via Content-Type MIME parameter and missing XML extension blocklist entries — parse-server | 9.8 | - | 2026-03-18 |
| CVE-2026-32722 | Memray-generated HTML reports vulnerable to Stored XSS via unescaped command-line metadata — memray | 3.6 | Low | 2026-03-18 |
| CVE-2026-32703 | OpenProject's repository files are served with the MIME type allowing them to be used to bypass Content Security Policy — openproject | 9.1 | Critical | 2026-03-18 |
| CVE-2026-3090 | Post SMTP <= 3.8.0 - Unauthenticated Stored Cross-Site Scripting via 'event_type' — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App | 7.2 | High | 2026-03-18 |
| CVE-2026-2512 | Code Embed <= 2.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Fields — Code Embed | 6.4 | Medium | 2026-03-18 |
| CVE-2026-3278 | XSS Vulnerability discovered in OpenText™ ZENworks Service Desk. — ZENworks Service Desk | 6.1 | - | 2026-03-18 |
| CVE-2025-12518 | Stored XSS in beefree.io — Befree SDK | 6.1 | - | 2026-03-18 |
| CVE-2026-22322 | Stored Cross‑Site Scripting in Link Aggregation Name Handling — FL SWITCH 2005 | 7.1 | High | 2026-03-18 |
| CVE-2026-3512 | Writeprint Stylometry <= 0.1 - Reflected Cross-Site Scripting via 'p' Parameter — Writeprint Stylometry | 6.1 | Medium | 2026-03-18 |
| CVE-2026-1780 | [CR]Paid Link Manager <= 0.5 - Reflected Cross-Site Scripting — [CR]Paid Link Manager | 6.1 | Medium | 2026-03-18 |
| CVE-2026-31938 | jsPDF has HTML Injection in New Window paths — jsPDF | 9.6 | Critical | 2026-03-18 |
| CVE-2026-4268 | WP Go Maps (formerly WP Google Maps) <= 10.0.05 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting via admin_post_wpgmza_save_settings — WP Go Maps (formerly WP Google Maps) | 6.4 | Medium | 2026-03-18 |
| CVE-2026-28499 | LeafKit's HTML escaping may be skipped for Collection values, enabling XSS — leaf-kit | 6.1 | - | 2026-03-18 |
| CVE-2026-4356 | itsourcecode University Management System add_result.php cross site scripting — University Management System | 2.4 | Low | 2026-03-18 |
| CVE-2026-4355 | Portabilis i-Educar Endpoint educar_servidor_curso_lst.php cross site scripting — i-Educar | 3.5 | Low | 2026-03-17 |
| CVE-2026-4354 | TRENDnet TEW-824DRU Web apply_sec.cgi sub_420A78 cross site scripting — TEW-824DRU | 3.5 | Low | 2026-03-17 |
| CVE-2026-32840 | Edimax GS-5008PL <= 1.00.54 Stored XSS via Device Name — Edimax GS-5008PL | 5.4 | Medium | 2026-03-17 |
| CVE-2025-62320 | HTML Injection Leading to Data Exfiltration to External Server vulnerability affects HCL Unica Platform — Sametime | 4.7 | Medium | 2026-03-17 |
| CVE-2026-30882 | Chamilo LMS: Reflected XSS in the session category listing page — chamilo-lms | 6.1 | Medium | 2026-03-16 |
| CVE-2026-29510 | Hereta ETH-IMC408M Stored XSS via Device Name — Hereta ETH-IMC408M | 5.4 | Medium | 2026-03-16 |
| CVE-2026-29513 | Hereta ETH-IMC408M Stored XSS via Device Location — Hereta ETH-IMC408M | 5.4 | Medium | 2026-03-16 |
| CVE-2026-29520 | Hereta ETH-IMC408M Reflected XSS via ping_ipaddr Parameter — Hereta ETH-IMC408M | 6.1 | Medium | 2026-03-16 |
| CVE-2025-2274 | Stored Cross Site Scripting in Forcepoint Web Security — Web Security (On-Prem) | 5.4 (AI) | Medium (AI) | 2026-03-16 |
| CVE-2026-25369 | WordPress Flexmls® IDX plugin <= 3.15.9 - Reflected Cross Site Scripting (XSS) vulnerability — Flexmls® IDX | 7.1 | High | 2026-03-16 |
| CVE-2025-69245 | Reflected XSS in Raytha CMS — Raytha | 6.1 | - | 2026-03-16 |
| CVE-2025-69242 | Reflected XSS in Raytha CMS — Raytha | 6.1 | - | 2026-03-16 |
| CVE-2025-69241 | Stored XSS in Raytha CMS — Raytha | 5.4 | - | 2026-03-16 |
| CVE-2025-69237 | Stored XSS in Raytha CMS — Raytha | 5.4 | - | 2026-03-16 |
| CVE-2025-69236 | Stored XSS in Raytha CMS — Raytha | 5.4 | - | 2026-03-16 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) represent 21499 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.