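CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) — Vulnerability Class 21506

21506 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')). AI Chinese analysis included.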

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1754 | personal-authors-category <= 0.3 - Reflected Cross-Site Scripting — personal-authors-category | 6.1 | Medium | 2026-02-14 |
| CVE-2026-2027 | AMP Enhancer <= 1.0.49 - Authenticated (Administrator+) Stored Cross-Site Scripting via AMP Custom CSS Setting — AMP Enhancer – Compatibility Layer for Official AMP Plugin | 4.4 | Medium | 2026-02-14 |
| CVE-2026-1841 | PixelYourSite <= 11.2.0 - Unauthenticated Stored Cross-Site Scripting — PixelYourSite – Your smart PIXEL (TAG) & API Manager | 7.2 | High | 2026-02-13 |
| CVE-2026-1844 | PixelYourSite PRO <= 12.4.0.2 - Unauthenticated Stored Cross-Site Scripting — PixelYourSite Pro – Your smart PIXEL (TAG) Manager | 7.2 | High | 2026-02-13 |
| CVE-2026-26226 | beautiful-mermaid < 0.1.3 SVG Attribute Injection — beautiful-mermaid | 6.1 (AI) | Medium (AI) | 2026-02-13 |
| CVE-2026-1578 | HP App – Potential Cross-Site Scripting — HP App | 6.1 (AI) | Medium (AI) | 2026-02-13 |
| CVE-2026-26188 | Solspace Freeform plugin affected by Stored Cross-Site Scripting (XSS) in Freeform Craft Plugin CP UI (builder/integrations) — craft-freeform | 5.4 (AI) | Medium (AI) | 2026-02-12 |
| CVE-2019-25324 | RICOH Web Image Monitor 1.09 - HTML Injection — RICOH Web Image Monitor | 6.1 | Medium | 2026-02-12 |
| CVE-2019-25323 | Heatmiser Netmonitor 3.03 - HTML Injection — Heatmiser Netmonitor | 6.1 | Medium | 2026-02-12 |
| CVE-2026-1320 | Secure Copy Content Protection and Content Locking <= 4.9.8 - Unauthenticated Stored Cross-Site Scripting via X-Forwarded-For Header — Secure Copy Content Protection and Content Locking | 7.2 | High | 2026-02-12 |
| CVE-2025-13002 | XSS in Farktor Software's E-Commerce Package — E-Commerce Package | 8.2 | High | 2026-02-12 |
| CVE-2026-1316 | Customer Reviews for WooCommerce <= 5.97.0 - Unauthenticated Stored Cross-Site Scripting via media[].href Parameter — Customer Reviews for WooCommerce | 7.2 | High | 2026-02-12 |
| CVE-2026-2276 | Reflected Cross-Site Scripting in the Wix web application — web application | 5.4 (AI) | Medium (AI) | 2026-02-12 |
| CVE-2026-26023 | Client-side DOM XSS in the web chat app of Dify when using echarts — dify | 6.1 (AI) | Medium (AI) | 2026-02-11 |
| CVE-2020-37153 | ASTPP VoIP 4.0.1 - Remote Code Execution — ASTPP | 9.8 | Critical | 2026-02-11 |
| CVE-2026-25759 | Statmatic affected by privilege escalation via stored cross-site scripting — cms | 8.7 | High | 2026-02-11 |
| CVE-2026-25868 | MiniGal Nano <= 0.3.5 Reflected XSS via dir Parameter — MiniGal Nano | 6.1 (AI) | Medium (AI) | 2026-02-11 |
| CVE-2019-25317 | Kimai 2- persistent cross-site scripting (XSS) — Kimai | 6.4 | Medium | 2026-02-11 |
| CVE-2019-25315 | WP Server Log Viewer 1.0 - 'logfile' Persistent Cross-Site Scripting — WP Server Log Viewer | 6.4 | Medium | 2026-02-11 |
| CVE-2019-25316 | GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting — GOautodial | 6.4 | Medium | 2026-02-11 |
| CVE-2019-25311 | thesystem Persistent XSS — thesystem | 6.4 | Medium | 2026-02-11 |
| CVE-2019-25312 | InoERP 0.7.2 - Persistent Cross-Site Scripting — InoERP | 5.4 | Medium | 2026-02-11 |
| CVE-2018-25157 | Phraseanet 4.0.3 Stored XSS via Document Upload — Phraseanet DAM Open Source | 6.4 | Medium | 2026-02-11 |
| CVE-2026-2344 | Stored XSS on Plunet BusinessManager — Plunet BusinessManager | 8.8 (AI) | High (AI) | 2026-02-11 |
| CVE-2025-8668 | Reflected XSS in E-Kalite Software Hardware Engineering's Turboard — Turboard | 9.4 | Critical | 2026-02-11 |
| CVE-2026-2337 | Reflected XSS on Plunet BusinessManager — Plunet BusinessManager | 9.6 (AI) | Critical (AI) | 2026-02-11 |
| CVE-2025-14560 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLab | 7.3 | High | 2026-02-11 |
| CVE-2026-0595 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLab | 7.3 | High | 2026-02-11 |
| CVE-2025-13650 | REFLECTED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB — ZeusWeb | 6.1 (AI) | Medium (AI) | 2026-02-11 |
| CVE-2025-13649 | REFLECTED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB — ZeusWeb | 5.4 (AI) | Medium (AI) | 2026-02-11 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) represent 21506 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.