CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) — Vulnerability Class 21573

21573 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2024-53278 | WordPress plugin WP Admin UI Customize cross-site scripting vulnerability — WP Admin UI Customize | 4.8 (AI) | Medium (AI) | 2024-11-26 |
| CVE-2024-11418 | Additional Order Filters for WooCommerce <= 1.21 - Reflected Cross-Site Scripting — Additional Order Filters for WooCommerce | 6.1 | Medium | 2024-11-26 |
| CVE-2024-11678 | CodeAstro Hospital Management System his_doc_register_patient.php cross site scripting — Hospital Management System | 3.5 | Low | 2024-11-26 |
| CVE-2024-11677 | CodeAstro Hospital Management System Add Vendor Details Page his_admin_add_vendor.php cross site scripting — Hospital Management System | 3.5 | Low | 2024-11-26 |
| CVE-2024-11676 | CodeAstro Hospital Management System Add Laboratory Equipment Page his_admin_add_lab_equipment.php cross site scripting — Hospital Management System | 3.5 | Low | 2024-11-26 |
| CVE-2024-11675 | CodeAstro Hospital Management System Add Patient Details Page his_admin_register_patient.php cross site scripting — Hospital Management System | 3.5 | Low | 2024-11-26 |
| CVE-2024-53843 | Reflected XSS Vulnerability in Authentication Flow URL Handling in @dapperduckling/keycloak-connector-server — keycloak-connector | 8.1 | High | 2024-11-25 |
| CVE-2024-53261 | Cross-Site Scripting attack (XSS) on dev mode 404 page in SvelteKit — kit | 6.1 (AI) | Medium (AI) | 2024-11-25 |
| CVE-2024-53262 | Unescaped error message included on error page in SvelteKit — kit | 7.1 (AI) | High (AI) | 2024-11-25 |
| CVE-2024-53255 | Reflected Cross-site Scripting in /admin?page=media via file Parameter in BoidCMS — BoidCMS | 6.1 (AI) | Medium (AI) | 2024-11-25 |
| CVE-2024-32468 | Improper neutralization of input during web page generation ("Cross-site Scripting") in deno_doc HTML generator — deno | 5.4 | Medium | 2024-11-25 |
| CVE-2024-51723 | Vulnerability in Management Console Impacts BlackBerry AtHoc — AtHoc | 4.6 | Medium | 2024-11-25 |
| CVE-2023-45181 | IBM Jazz Foundation cross-site scripting — Jazz Foundation | 6.1 | Medium | 2024-11-25 |
| CVE-2021-23282 | Stored Cross-site Scripting reported in Intelligent Power Manager v1 — Intelligent Power Manager (IPM) | 5.2 | Medium | 2024-11-25 |
| CVE-2024-11660 | code-projects Farmacia usuario.php cross site scripting — Farmacia | 3.5 | Low | 2024-11-25 |
| CVE-2024-11228 | 워드프레스 결제 심플페이 – 우커머스 결제 플러그인 <= 5.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting pafw_instant_payment Shortcode — 워드프레스 결제 심플페이 – 우커머스 결제 플러그인 | 6.4 | Medium | 2024-11-23 |
| CVE-2024-11229 | 코드엠샵 소셜톡 <= 1.1.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via add_plus_friends and add_plus_talk Shortcodes — 코드엠샵 소셜톡 | 6.4 | Medium | 2024-11-23 |
| CVE-2024-11231 | 우커머스 네이버페이 <= 3.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via mnp_purchase Shortcode — 우커머스 네이버페이 | 6.4 | Medium | 2024-11-23 |
| CVE-2024-10519 | Wishlist for WooCommerce: Multi Wishlists Per Customer PRO 3.0.8 - 3.1.2 - Reflected Cross-Site Scripting via wtab Parameter — Wishlist for WooCommerce: Multi Wishlists Per Customer PRO | 6.1 | Medium | 2024-11-23 |
| CVE-2024-11199 | Rescue Shortcodes <= 2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via rescue_progressbar Shortcode — Rescue Shortcodes | 6.4 | Medium | 2024-11-23 |
| CVE-2024-11227 | Memberlite Shortcodes <= 1.3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via memberlite_accordion Shortcode — Memberlite Shortcodes | 6.4 | Medium | 2024-11-23 |
| CVE-2024-9635 | Checkout with Cash App on WooCommerce <= 6.0.2 - Reflected Cross-Site Scripting — Checkout with Cash App on WooCommerce | 6.1 | Medium | 2024-11-23 |
| CVE-2024-11446 | Chessgame Shizzle <= 1.3.0 - Reflected Cross-Site Scripting — Chessgame Shizzle | 6.1 | Medium | 2024-11-23 |
| CVE-2024-11330 | Custom CSS, JS & PHP <= 2.3.0 - Reflected Cross-Site Scripting — Custom CSS, JS & PHP | 6.1 | Medium | 2024-11-23 |
| CVE-2024-11188 | Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder <= 6.16.1.2 - Reflected Cross-Site Scripting via Custom HTML Form Parameter — Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder | 6.1 | Medium | 2024-11-23 |
| CVE-2024-11361 | PDF Invoices & Packing Slips Generator for WooCommerce <= 2.2.1 - Reflected Cross-Site Scripting — PDF Invoices & Packing Slips Generator for WooCommerce | 6.1 | Medium | 2024-11-23 |
| CVE-2024-11426 | AutoListicle: Automatically Update Numbered List Articles <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — AutoListicle: Automatically Update Numbered List Articles | 6.4 | Medium | 2024-11-23 |
| CVE-2024-11332 | HIPAA Compliant Forms with Drag’n’Drop HIPAA Form Builder. Sign HIPAA documents <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — HIPAA Compliant Forms with Drag’n’Drop HIPAA Form Builder. Sign HIPAA documents | 6.4 | Medium | 2024-11-23 |
| CVE-2024-11387 | Easy Liveblogs <= 2.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting — Easy Liveblogs | 6.4 | Medium | 2024-11-23 |
| CVE-2024-11408 | Slotti Ajanvaraus <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Slotti Ajanvaraus | 6.4 | Medium | 2024-11-23 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) represent 21573 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.