Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21499

21499 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-3024 Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma application web — Wakyma application web 5.4AIMediumAI2026-03-16
CVE-2026-4225 CMS Made Simple User Management listusers.php cross site scripting — CMS Made Simple 2.4 Low2026-03-16
CVE-2026-4186 UEditor JSONP Callback controller.php cross site scripting — UEditor 3.5 Low2026-03-15
CVE-2017-20219 Serviio PRO 1.8 DOM-based Cross-Site Scripting via mediabrowser — Serviio PRO 6.1 Medium2026-03-15
CVE-2016-20036 Wowza Streaming Engine 4.5.0 Multiple Cross-Site Scripting Vulnerabilities — Wowza Streaming Engine 6.1 Medium2026-03-15
CVE-2015-20119 RealtyScript 4.0.2 Stored Cross-Site Scripting via text Parameter in pages.php — RealtyScript 6.4 Medium2026-03-15
CVE-2015-20118 RealtyScript 4.0.2 Stored Cross-Site Scripting via location_name Parameter — RealtyScript 7.2 High2026-03-15
CVE-2015-20115 RealtyScript 4.0.2 Stored Cross-Site Scripting via File Upload Parameter — RealtyScript 7.2 High2026-03-15
CVE-2015-20116 RealtyScript 4.0.2 Stored Cross-Site Scripting via CSV File Upload Filename — RealtyScript 6.1 Medium2026-03-15
CVE-2015-20114 RealtyScript 4.0.2 Cross-Site Scripting via Multiple Parameters — RealtyScript 6.1 Medium2026-03-15
CVE-2013-20006 Qool CMS Multiple Persistent Cross-Site Scripting Vulnerabilities — Qool CMS 7.5 High2026-03-15
CVE-2013-20005 Qool CMS 2.0 RC2 Cross-Site Request Forgery via adduser — Qool CMS 5.3 Medium2026-03-15
CVE-2016-20032 ZKTeco ZKAccess Security System 5.3.1 Stored XSS — ZKTeco ZKAccess Security System 7.2 High2026-03-15
CVE-2016-20027 ZKTeco ZKBioSecurity 3.0 Multiple Reflected XSS Vulnerabilities — ZKTeco ZKBioSecurity 6.1 Medium2026-03-15
CVE-2026-4175 Aureus ERP Chatter Message content-text-entry.blade.php cross site scripting — ERP 3.5 Low2026-03-15
CVE-2026-4169 Tecnick TCExam XML Export tce_xml_users.php F_xml_export_users cross site scripting — TCExam 2.4 Low2026-03-15
CVE-2026-4168 Tecnick TCExam Group tce_edit_group.php cross site scripting — TCExam 2.4 Low2026-03-15
CVE-2026-4166 Wavlink WL-NU516U1 login.cgi sub_404F68 cross site scripting — WL-NU516U1 3.5 Low2026-03-15
CVE-2026-4165 Worksuite HR, CRM and Project Management create cross site scripting — HR, CRM and Project Management 2.4 Low2026-03-15
CVE-2026-32774 Vulnogram - Stored Cross-Site Scripting via Comment Hypertext — Vulnogram 6.4 Medium2026-03-14
CVE-2026-32635 Angular has XSS in i18n attribute bindings — compiler 6.1 -2026-03-13
CVE-2026-32626 AnythingLLM has a Streaming Phase XSS to RCE via LLM Response Injection — anything-llm 9.7 Critical2026-03-13
CVE-2023-40693 IBM Sterling B2B Integrator and IBM Sterling File Gateway Cross-Site Scripting — Sterling B2B Integrator 5.4 Medium2026-03-13
CVE-2025-14504 IBM Sterling B2B Integrator and IBM Sterling File Gateway Cross-Site Scripting — Sterling B2B Integrator 5.4 Medium2026-03-13
CVE-2026-0835 IBM Sterling B2B Integrator和IBM Sterling File Gateway 跨站脚本漏洞 — Sterling B2B Integrator 5.4 Medium2026-03-13
CVE-2025-12453 Improper neutralization of input during web page generation vulnerability has been discovered in OpenText™ Vertica. — Vertica 6.1 -2026-03-13
CVE-2025-12454 Improper neutralization of input during web page generation vulnerability has been discovered in OpenText™ Vertica. — Vertica 6.1 -2026-03-13
CVE-2026-32462 WordPress Master Addons for Elementor plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability — Master Addons for Elementor 6.1 -2026-03-13
CVE-2026-32460 WordPress Ultimate Addons for Contact Form 7 plugin <= 3.5.36 - Cross Site Scripting (XSS) vulnerability — Ultimate Addons for Contact Form 7 6.1 -2026-03-13
CVE-2026-32454 WordPress Avada Core plugin < 5.15.0 - Cross Site Scripting (XSS) vulnerability — Avada Core 6.1 -2026-03-13

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21499 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.