Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21572

21572 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-3555 GZ Scripts PHP Vacation Rental Script preview.php cross site scripting — PHP Vacation Rental Script 3.5 Low2023-07-08
CVE-2023-3554 GZ Scripts GZ Forum Script preview.php cross site scripting — GZ Forum Script 3.5 Low2023-07-08
CVE-2023-37269 Winter CMS vulnerable to stored XSS through privileged upload of SVG file — winter 2.0 Low2023-07-07
CVE-2023-20133 Cisco Webex Meetings 跨站脚本漏洞 — Cisco Webex Meetings 5.4 Medium2023-07-07
CVE-2021-39014 IBM Cloud Object Storage System cross-site scripting — Cloud Object Storage System 6.4 Medium2023-07-07
CVE-2023-3544 GZ Scripts Time Slot Booking Calendar PHP load.php cross site scripting — Time Slot Booking Calendar PHP 3.5 Low2023-07-07
CVE-2023-3543 GZ Scripts Availability Booking Calendar PHP HTTP POST Request load.php cross site scripting — Availability Booking Calendar PHP 3.5 Low2023-07-07
CVE-2023-3542 ThinuTech ThinuCMS contact.php cross site scripting — ThinuCMS 3.5 Low2023-07-07
CVE-2023-3541 ThinuTech ThinuCMS author_posts.php cross site scripting — ThinuCMS 3.5 Low2023-07-07
CVE-2023-3540 SimplePHPscripts NewsLetter Script PHP URL Parameter preview.php cross site scripting — NewsLetter Script PHP 3.5 Low2023-07-07
CVE-2023-3539 SimplePHPscripts Simple Forum PHP URL Parameter preview.php cross site scripting — Simple Forum PHP 3.5 Low2023-07-07
CVE-2023-3538 SimplePHPscripts Photo Gallery PHP URL Parameter preview.php cross site scripting — Photo Gallery PHP 3.5 Low2023-07-07
CVE-2023-3537 SimplePHPscripts News Script PHP Pro URL Parameter preview.php cross site scripting — News Script PHP Pro 3.5 Low2023-07-07
CVE-2023-3536 SimplePHPscripts Funeral Script PHP URL Parameter preview.php cross site scripting — Funeral Script PHP 3.5 Low2023-07-07
CVE-2023-3535 SimplePHPscripts FAQ Script PHP URL Parameter preview.php cross site scripting — FAQ Script PHP 3.5 Low2023-07-07
CVE-2023-3532 Cross-site Scripting (XSS) - Stored in outline/outline — outline/outline 5.4 -2023-07-07
CVE-2023-32652 PiiGAB M-Bus Cross-site Scripting — M-Bus SoftwarePack 8.0 High2023-07-06
CVE-2023-3531 Cross-site Scripting (XSS) - Stored in nilsteampassnet/teampass — nilsteampassnet/teampass 5.4 -2023-07-06
CVE-2023-36459 Mastodon vulnerable to Cross-site Scripting through oEmbed preview cards — mastodon 9.3 Critical2023-07-06
CVE-2023-1298 ServiceNow 跨站脚本漏洞 — Now User Experience 4.3 Medium2023-07-06
CVE-2023-36823 Sanitize vulnerable to Cross-site Scripting via insufficient neutralization of `style` element content — sanitize 7.1 High2023-07-06
CVE-2023-3521 Cross-site Scripting (XSS) - Reflected in fossbilling/fossbilling — fossbilling/fossbilling 5.4 -2023-07-06
CVE-2023-36828 Statamic's Antlers sanitizer cannot effectively sanitize malicious SVG — cms 5.5 Medium2023-07-05
CVE-2023-36809 Kiwi TCMS's misconfigured HTTP headers allow stored XSS execution with Firefox — Kiwi 8.1 High2023-07-05
CVE-2023-34244 GLPI vulnerable to reflected XSS in search pages — glpi 6.5 Medium2023-07-05
CVE-2023-3506 Active It Zone Active eCommerce CMS Create Ticket Page support_ticket cross site scripting — Active eCommerce CMS 3.5 Low2023-07-04
CVE-2023-3505 Onest CRM Project List 2 cross site scripting — CRM 3.5 Low2023-07-04
CVE-2023-36816 Cross-Site Scripting (XSS) at Account creation in 2FAuth — 2FAuth 6.1 Medium2023-07-03
CVE-2023-36477 Persistent Cross-site Scripting (XSS) through CKEditor Configuration pages in XWiki Platform — xwiki-platform 9.1 Critical2023-06-30
CVE-2023-3479 Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp — hestiacp/hestiacp 6.1 -2023-06-30

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21572 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.