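CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) — Vulnerability Class 21572

21572 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)). AI Chinese analysis included.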

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-2164 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLab | 5.4 | Medium | 2023-08-01 |
| CVE-2023-34360 | ASUS RT-AX88U - Stored XSS — RT-AX88U | 8.2 | High | 2023-07-31 |
| CVE-2023-22595 | IBM B2B Advanced Communication cross-site scripting — B2B Advanced Communications | 5.4 | Medium | 2023-07-31 |
| CVE-2023-4007 | Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq — thorsten/phpmyfaq | 5.4 | - | 2023-07-31 |
| CVE-2023-3990 | Mingsoft MCMS HTTP POST Request search.do cross site scripting — MCMS | 3.5 | Low | 2023-07-28 |
| CVE-2023-3989 | SourceCodester Jewelry Store System add_customer.php cross site scripting — Jewelry Store System | 3.5 | Low | 2023-07-28 |
| CVE-2023-3986 | SourceCodester Simple Online Mens Salon Management System cross site scripting — Simple Online Mens Salon Management System | 2.4 | Low | 2023-07-28 |
| CVE-2023-3982 | Cross-site Scripting (XSS) - Stored in omeka/omeka-s — omeka/omeka-s | 5.4 | - | 2023-07-27 |
| CVE-2023-3980 | Cross-site Scripting (XSS) - Stored in omeka/omeka-s — omeka/omeka-s | 5.4 | - | 2023-07-27 |
| CVE-2023-38491 | Kirby vulnerable to Cross-site scripting (XSS) from MIME type auto-detection of uploaded files — kirby | 5.7 | Medium | 2023-07-27 |
| CVE-2023-37894 | WordPress Variation Images Gallery for WooCommerce Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS) — Variation Images Gallery for WooCommerce | 7.1 | High | 2023-07-27 |
| CVE-2023-3973 | Cross-site Scripting (XSS) - Reflected in jgraph/drawio — jgraph/drawio | 6.1 | - | 2023-07-27 |
| CVE-2023-37970 | WordPress MF Gig Calendar Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS) — MF Gig Calendar | 6.5 | Medium | 2023-07-27 |
| CVE-2023-37975 | WordPress Variation Swatches for WooCommerce Plugin <= 2.3.7 is vulnerable to Cross Site Scripting (XSS) — Variation Swatches for WooCommerce | 7.1 | High | 2023-07-27 |
| CVE-2023-37976 | WordPress Radio Forge Muses Player with Skins Plugin <= 2.5 is vulnerable to Cross Site Scripting (XSS) — Radio Forge Muses Player with Skins | 7.1 | High | 2023-07-27 |
| CVE-2023-37977 | WordPress WPFunnels Plugin <= 2.7.16 is vulnerable to Cross Site Scripting (XSS) — Drag & Drop Sales Funnel Builder for WordPress – WPFunnels | 7.1 | High | 2023-07-27 |
| CVE-2023-37979 | WordPress Ninja Forms Plugin <= 3.6.25 is vulnerable to Cross Site Scripting (XSS) — Ninja Forms Contact Form | 7.1 | High | 2023-07-27 |
| CVE-2023-37980 | WordPress Custom Field For WP Job Manager Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS) — Custom Field For WP Job Manager | 5.9 | Medium | 2023-07-27 |
| CVE-2023-37981 | WordPress Authors List Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS) — Authors List | 7.1 | High | 2023-07-27 |
| CVE-2023-37993 | WordPress wpShopGermany IT-RECHT KANZLEI Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS) — wpShopGermany IT-RECHT KANZLEI | 5.9 | Medium | 2023-07-27 |
| CVE-2023-3970 | GZ Scripts Availability Booking Calendar PHP Image cross site scripting — Availability Booking Calendar PHP | 3.5 | Low | 2023-07-27 |
| CVE-2023-3969 | GZ Scripts Availability Booking Calendar PHP HTTP POST Request index.php cross site scripting — Availability Booking Calendar PHP | 3.5 | Low | 2023-07-27 |
| CVE-2023-3946 | Trellix ePolicy Orchestrator cross-site scripting vulnerability — Trellix EPO | 5.4 | Medium | 2023-07-26 |
| CVE-2023-3945 | phpscriptpoint Lawyer search.php cross site scripting — Lawyer | 3.5 | Low | 2023-07-25 |
| CVE-2023-38501 | copyparty vulnerable to reflected cross-site scripting via k304 parameter — copyparty | 6.3 | Medium | 2023-07-25 |
| CVE-2023-38500 | By-passing Cross-Site Scripting Protection in HTML Sanitizer — html-sanitizer | 4.7 | Medium | 2023-07-25 |
| CVE-2023-3944 | phpscriptpoint Lawyer page.php cross site scripting — Lawyer | 3.5 | Low | 2023-07-25 |
| CVE-2023-37257 | The DataEase panel and dataset have a stored XSS vulnerability — dataease | 5.4 | Medium | 2023-07-25 |
| CVE-2023-36806 | Contao cross site scripting vulnerability via input unit widget — contao | 6.5 | Medium | 2023-07-25 |
| CVE-2023-35929 | Tuleap Cross-site Scripting vulnerability in the card field of the agile dashboard apps — tuleap | 5.4 | Medium | 2023-07-25 |

21572 CVEs are classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.