Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21506

21506 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-1960 Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes — Loggro Pymes 5.4AIMediumAI2026-02-09
CVE-2026-1959 Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes — Loggro Pymes 5.4AIMediumAI2026-02-09
CVE-2026-25847 JetBrains PyCharm 跨站脚本漏洞 — PyCharm 8.2 High2026-02-09
CVE-2026-2224 code-projects Online Reviewer System btn_functions.php cross site scripting — Online Reviewer System 3.5 Low2026-02-09
CVE-2025-7799 Reflected XSS in Zirve Information Technologies' e-Taxpayer Accounting Website — e-Taxpayer Accounting Website 8.6 High2026-02-09
CVE-2026-2222 code-projects Online Reviewer System btn_functions.php cross site scripting — Online Reviewer System 2.4 Low2026-02-09
CVE-2026-2214 code-projects for Plugin AdminAddAlbum.php cross site scripting — for Plugin 2.4 Low2026-02-09
CVE-2026-2201 ZeroWdd studentmanager LeaveController.java addLeave cross site scripting — studentmanager 2.4 Low2026-02-09
CVE-2026-2200 heyewei JFinalCMS API Endpoint save cross site scripting — JFinalCMS 2.4 Low2026-02-09
CVE-2026-2160 SourceCodester Simple Responsive Tourism Website Master.php cross site scripting — Simple Responsive Tourism Website 4.3 Medium2026-02-08
CVE-2026-2159 SourceCodester Simple Responsive Tourism Website Registration Master.php cross site scripting — Simple Responsive Tourism Website 4.3 Medium2026-02-08
CVE-2026-2156 code-projects Online Student Management System Announcement Management index.php cross site scripting — Online Student Management System 2.4 Low2026-02-08
CVE-2026-2154 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System Patient Registration registration.php cross site scripting — Patients Waiting Area Queue Management System 4.3 Medium2026-02-08
CVE-2026-2150 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System checkin.php cross site scripting — Patients Waiting Area Queue Management System 4.3 Medium2026-02-08
CVE-2026-2149 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System appointments.php cross site scripting — Patients Waiting Area Queue Management System 4.3 Medium2026-02-08
CVE-2026-2145 cym1102 nginxWebUI Web Management check cross site scripting — nginxWebUI 3.5 Low2026-02-08
CVE-2026-1573 OMIGO <= 3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — OMIGO 6.4 Medium2026-02-07
CVE-2026-1611 Wikiloops Track Player <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Wikiloops Track Player 6.4 Medium2026-02-07
CVE-2026-1613 Wonka Slide <= 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Wonka Slide 6.4 Medium2026-02-07
CVE-2026-0555 Premmerce <= 1.3.20 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'premmerce_wizard_actions' AJAX Endpoint — Premmerce 6.4 Medium2026-02-07
CVE-2026-1634 Subitem AL Slider <= 1.0.0 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] — Subitem AL Slider 6.1 Medium2026-02-07
CVE-2026-1608 Video Onclick <= 0.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Video Onclick 6.4 Medium2026-02-07
CVE-2026-1643 MP-Ukagaka <= 1.5.2 - Reflected Cross-Site Scripting — MP-Ukagaka 6.1 Medium2026-02-07
CVE-2026-1570 Simple Bible Verse via Shortcode <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Simple Bible Verse via Shortcode 6.4 Medium2026-02-07
CVE-2025-12159 Bold Page Builder <= 5.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Bold Page Builder 6.4 Medium2026-02-07
CVE-2025-13463 Bold Page Builder <= 5.5.3 - Authenticated (Author+) Stored DOM-based Cross-Site Scripting in Post Grid — Bold Page Builder 6.4 Medium2026-02-07
CVE-2025-15267 Bold Page Builder <= 5.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_accordion_item Shortcode — Bold Page Builder 6.4 Medium2026-02-07
CVE-2026-25516 NiceGUI's XSS vulnerability in ui.markdown() allows arbitrary JavaScript execution through unsanitized HTML content — nicegui 6.1 Medium2026-02-06
CVE-2026-25581 SCEditor affected by DOM XSS via emoticon URL/HTML injection — SCEditor 5.4 Medium2026-02-06
CVE-2026-2064 Portabilis i-Educar User Data meusdadod.php cross site scripting — i-Educar 3.5 Low2026-02-06

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21506 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.