Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21552

21552 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-12222 Deliver via Shipos for WooCommerce <= 2.1.7 - Reflected Cross-Site Scripting via dvsfw_bulk_label_url Parameter — Deliver via Shipos for WooCommerce 6.1 Medium2025-01-09
CVE-2024-12496 Linear <= 2.7.12 - Authenticated (Contributor+) Stored Cross-Site Scripting — Linear 6.4 Medium2025-01-09
CVE-2024-12493 Files Download Delay <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — Files Download Delay 6.4 Medium2025-01-09
CVE-2024-12122 ResAds <= 2.0.6 - Reflected Cross-Site Scripting via Multiple Parameters — ResAds 6.1 Medium2025-01-09
CVE-2025-0348 CampCodes DepEd Equipment Inventory System add_employee.php cross site scripting — DepEd Equipment Inventory System 3.5 Low2025-01-09
CVE-2024-13153 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.135 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — Unlimited Elements For Elementor 6.4 Medium2025-01-09
CVE-2025-0342 CampCodes Computer Laboratory Management System edit cross site scripting — Computer Laboratory Management System 3.5 Low2025-01-09
CVE-2025-0339 code-projects Online Bike Rental HTTP GET Request vehical-details.php cross site scripting — Online Bike Rental 3.5 Low2025-01-09
CVE-2024-13213 SingMR HouseRent toAdminUpdateHousePage cross site scripting — HouseRent 3.5 Low2025-01-09
CVE-2024-13209 Redaxo CMS Structure Management Page index.php cross site scripting — CMS 2.4 Low2025-01-09
CVE-2024-13205 kurniaramadhan E-Commerce-PHP Create Product Page create_product.php cross site scripting — E-Commerce-PHP 2.4 Low2025-01-09
CVE-2024-13202 wander-chu SpringBoot-Blog Blog Article PageController.java modifiyArticle cross site scripting — SpringBoot-Blog 2.4 Low2025-01-09
CVE-2024-13199 langhsu Mblog Blog System Search Bar search cross site scripting — Mblog Blog System 3.5 Low2025-01-09
CVE-2024-13197 donglight bookstore电商书城系统说明 AdminUserControlle.java updateUser cross site scripting — bookstore电商书城系统说明 3.5 Low2025-01-09
CVE-2024-13196 donglight bookstore电商书城系统说明 BookInfoController.java BookSearchList cross site scripting — bookstore电商书城系统说明 3.5 Low2025-01-09
CVE-2024-56377 REDCap 安全漏洞 — REDCap 5.4 Medium2025-01-09
CVE-2024-56376 REDCap 安全漏洞 — REDCap 5.4 Medium2025-01-09
CVE-2024-13192 ZeroWdd myblog BlogController.java update cross site scripting — myblog 3.5 Low2025-01-08
CVE-2025-22143 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'listar_permissoes.php' parameter 'msg_e' — WeGIA 6.1 -2025-01-08
CVE-2025-22139 WeGIA Cross-Site Scripting (XSS) Reflected endpoint `configuracao_geral.php` parameter `msg` — WeGIA 6.1 -2025-01-08
CVE-2025-20123 Cisco Crosswork Network Controller Stored Cross-Site Scripting Vulnerability — Cisco Crosswork Network Change Automation 4.8 Medium2025-01-08
CVE-2024-12337 Shipping via Planzer for WooCommerce <= 1.0.25 - Reflected Cross-Site Scripting via processed-ids — Shipping via Planzer for WooCommerce 6.1 Medium2025-01-08
CVE-2024-11830 Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer <= 2.3.52 - Authenticated (Contributor+) Stored Cross-Site Scripting — Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer 6.4 Medium2025-01-08
CVE-2024-12328 MAS Elementor <= 1.1.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG — MAS Elementor 6.4 Medium2025-01-08
CVE-2024-12045 Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.0.9 - Authenticated (Admin+) Stored Cross-Site Scripting — Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns 4.4 Medium2025-01-08
CVE-2024-8002 VIWIS LMS File Upload cross site scripting — LMS 4.3 Medium2025-01-08
CVE-2024-12851 Element Pack Lite - Addons for Elementor <= 5.10.14 - Authenticated (Contributor+) Stored Cross-Site Scripting — Element Pack – Widgets, Templates & Addons for Elementor 6.4 Medium2025-01-08
CVE-2024-12852 Happy Addons for Elementor <= 3.15.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Happy Addons for Elementor 6.4 Medium2025-01-08
CVE-2024-12205 Themesflat Addons For Elementor <= 2.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Themesflat Addons For Elementor 6.4 Medium2025-01-08
CVE-2025-21603 Planex MZK-DP300N 跨站脚本漏洞 — MZK-DP300N 5.4 -2025-01-08

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21552 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.