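CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) — Vulnerability Class 21570

21570 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')). AI Chinese analysis included.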

| CVE ID | Title — Product | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-56357 | Cross-site Scripting vulnerability through custom widget URLs and form redirect URLs in grist-core — grist-core | 8.1 | High | 2024-12-20 |
| CVE-2024-40875 | Cross-site scripting vulnerability in the Secure Access administrative console prior to 13.52 — Secure Access | 4.8 | - | 2024-12-20 |
| CVE-2024-12842 | Emlog Pro user.php cross site scripting — Emlog Pro | 4.3 | Medium | 2024-12-20 |
| CVE-2024-12841 | Emlog Pro tag.php cross site scripting — Emlog Pro | 4.3 | Medium | 2024-12-20 |
| CVE-2024-10385 | Stored XSS in DirectAdmin Evo Skin — DirectAdmin Evolution Skin | 5.4 | - | 2024-12-20 |
| CVE-2024-56355 | JetBrains TeamCity cross-site scripting vulnerability — TeamCity | 4.6 | Medium | 2024-12-20 |
| CVE-2024-56352 | JetBrains TeamCity cross-site scripting vulnerability — TeamCity | 4.6 | Medium | 2024-12-20 |
| CVE-2024-12506 | NACC WordPress Plugin <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — NACC WordPress Plugin | 6.4 | Medium | 2024-12-20 |
| CVE-2024-11878 | Category Post Slider <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Category Post Slider | 6.4 | Medium | 2024-12-20 |
| CVE-2024-11806 | PKT1 Centro de envios <= 1.2.1 - Reflected Cross-Site Scripting — PKT1 Centro de envios | 6.1 | Medium | 2024-12-20 |
| CVE-2024-11783 | Financial Calculator <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Financial Calculator | 6.4 | Medium | 2024-12-20 |
| CVE-2024-11774 | Outdooractive Embed <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting — Outdooractive Embed | 6.4 | Medium | 2024-12-20 |
| CVE-2024-11331 | isee-products-extractor <= 2.1.3 - Reflected Cross-Site Scripting — استخراج محصولات ووکامرس برای آیسی | 6.1 | Medium | 2024-12-20 |
| CVE-2024-11893 | Spoki – Chat Buttons and WooCommerce Notifications <= 2.15.15 - Authenticated (Contributor+) Stored Cross-Site Scripting — Spoki – Chat Buttons and WooCommerce Notifications | 6.4 | Medium | 2024-12-20 |
| CVE-2024-11784 | Sell Tickets Online – TicketSource Ticket Shop for WordPress <= 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — TicketSource Ticket Shop | 6.4 | Medium | 2024-12-20 |
| CVE-2024-9619 | WP SHAPES <= 1.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload — WP SHAPES | 6.4 | Medium | 2024-12-20 |
| CVE-2024-12509 | Embed Twine <= 0.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Embed Twine | 6.4 | Medium | 2024-12-20 |
| CVE-2024-11411 | Spotlightr <= 0.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting — Spotlightr | 6.4 | Medium | 2024-12-20 |
| CVE-2024-11775 | Particle Background <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Particle Background | 6.4 | Medium | 2024-12-20 |
| CVE-2024-5955 | Trellix ePolicy Orchestrator cross-site scripting vulnerability — ePO Onprem Sp1 Update4 | 5.4 | Medium | 2024-12-20 |
| CVE-2024-11776 | PCRecruiter Extensions <= 1.4.22 - Authenticated (Contributor+) Stored Cross-Site Scripting — PCRecruiter Extensions | 6.4 | Medium | 2024-12-20 |
| CVE-2024-52794 | Magnific lightbox susceptible to Cross-site Scripting in Discourse — discourse | 6.8 | Medium | 2024-12-19 |
| CVE-2024-12790 | code-projects Hostel Management Site room-details.php cross site scripting — Hostel Management Site | 3.5 | Low | 2024-12-19 |
| CVE-2024-47093 | Fix various XSS issues and potential RCE — Nagvis | 8.8 | High | 2024-12-19 |
| CVE-2024-9101 | phpLDAPadmin: Reflected Cross-Site Scripting in entry_chooser.php — phpLDAPadmin | 6.1 | - | 2024-12-19 |
| CVE-2024-12783 | itsourcecode Vehicle Management System billaction.php cross site scripting — Vehicle Management System | 3.5 | Low | 2024-12-19 |
| CVE-2024-37962 | WordPress Fusion Page Builder plugin <= 1.6.1 - Cross Site Scripting (XSS) vulnerability — Fusion | 6.5 | Medium | 2024-12-19 |
| CVE-2024-12626 | AutomatorWP <= 5.0.9 - Reflected Cross-Site Scripting via a-0-o-search_field_value — AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress | 9.6 | Critical | 2024-12-19 |
| CVE-2023-23354 | QuLog Center — QuLog Center | 7.3 | High | 2024-12-19 |
| CVE-2023-23357 | QuLog Center — QuLog Center | 4.8 | Medium | 2024-12-19 |

21570 CVEs are classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.