Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21570

21570 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-3475 SimplePHPscripts Event Script URL Parameter preview.php cross site scripting — Event Script 3.5 Low2023-06-30
CVE-2023-3474 SimplePHPscripts Simple Blog URL Parameter preview.php cross site scripting — Simple Blog 3.5 Low2023-06-30
CVE-2023-3469 Cross-site Scripting (XSS) - Reflected in thorsten/phpmyfaq — thorsten/phpmyfaq 6.1 -2023-06-30
CVE-2023-3465 SimplePHPscripts Classified Ads Script HTTP POST Request user.php cross site scripting — Classified Ads Script 3.5 Low2023-06-29
CVE-2023-3464 SimplePHPscripts Classified Ads Script URL Parameter preview.php cross site scripting — Classified Ads Script 3.5 Low2023-06-29
CVE-2023-36474 Interactsh server settings make users vulnerable to Subdomain Takeover — interactsh 8.2 High2023-06-28
CVE-2023-3445 Cross-site Scripting (XSS) - Stored in spinacms/spina — spinacms/spina 5.4 -2023-06-28
CVE-2023-3332 NEC Aterm WG2200HP 跨站脚本漏洞 — Aterm WG2600HP2 6.0 -2023-06-28
CVE-2023-20120 Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities — Cisco Web Security Appliance (WSA) 5.4 Medium2023-06-28
CVE-2023-20119 多款Cisco产品 跨站脚本漏洞 — Cisco Secure Email and Web Manager 6.1 Medium2023-06-28
CVE-2023-20028 Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities — Cisco Web Security Appliance (WSA) 5.4 Medium2023-06-28
CVE-2023-36463 Cross site scripting (XSS) in meldekarten generator — meldekarten-generator 5.3 Medium2023-06-27
CVE-2023-26274 IBM QRadar cross-site scripting — Security QRadar SIEM 4.6 Medium2023-06-27
CVE-2023-32339 IBM Business Automation Workflow cross-site scripting — Business Automation Workflow 6.1 Medium2023-06-27
CVE-2023-3412 Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite <= 1.0.0 - Missing Authorization to Stored Cross-Site Scripting — Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite 6.4 Medium2023-06-27
CVE-2023-29438 WordPress SimpleModal Contact Form (SMCF) Plugin <= 1.2.9 is vulnerable to Cross Site Scripting (XSS) — SimpleModal Contact Form (SMCF) 5.9 Medium2023-06-26
CVE-2023-29437 WordPress Connections Business Directory Plugin <= 10.4.36 is vulnerable to Cross Site Scripting (XSS) — Connections Business Directory 6.5 Medium2023-06-26
CVE-2023-29435 WordPress Cryptocurrency All-in-One Plugin <= 3.0.19 is vulnerable to Cross Site Scripting (XSS) — Cryptocurrency All-in-One 6.5 Medium2023-06-26
CVE-2023-29436 WordPress IFrame Shortcode Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS) — IFrame Shortcode 6.5 Medium2023-06-26
CVE-2023-29434 WordPress Optin Forms Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS) — Optin Forms – Simple List Building Plugin for WordPress 5.9 Medium2023-06-26
CVE-2023-29430 WordPress TheRoof Theme <= 1.0.3 is vulnerable to Cross Site Scripting (XSS) — TheRoof 7.1 High2023-06-26
CVE-2023-29427 WordPress Amelia Plugin <= 1.0.75 is vulnerable to Cross Site Scripting (XSS) — Booking for Appointments and Events Calendar – Amelia 7.1 High2023-06-26
CVE-2023-29424 WordPress ShiftController Employee Shift Scheduling Plugin <= 4.9.23 is vulnerable to Cross Site Scripting (XSS) — ShiftController Employee Shift Scheduling 7.1 High2023-06-26
CVE-2023-29423 WordPress Cancel order request WooCommerce Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS) — Cancel order request / Return order / Repeat Order / Reorder for WooCommerce 5.9 Medium2023-06-26
CVE-2023-29093 WordPress Conditional extra fees for woocommerce Plugin <= 1.0.96 is vulnerable to Cross Site Scripting (XSS) — Conditional cart fee 5.9 Medium2023-06-26
CVE-2023-28991 WordPress Order date time for WooCommerce Plugin <= 3.0.19 is vulnerable to Cross Site Scripting (XSS) — Order date, Order pickup, Order date time, Pickup Location, delivery date for WooCommerce 5.9 Medium2023-06-26
CVE-2023-28992 WordPress Coupon Affiliates Plugin <= 5.4.3 is vulnerable to Cross Site Scripting (XSS) — Coupon Affiliates – WooCommerce Affiliate Plugin 7.1 High2023-06-26
CVE-2023-28988 WordPress Direct checkout, Add to cart redirect for Woocommerce Plugin <= 2.1.48 is vulnerable to Cross Site Scripting (XSS) — Direct checkout, Add to cart redirect, Quick purchase button, Buy now button, Quick View button for WooCommerce 5.9 Medium2023-06-26
CVE-2023-3388 Beautiful Cookie Consent Banner <= 2.10.1 - Unauthenticated Stored Cross-Site Scripting — Beautiful Cookie Consent Banner 7.2 High2023-06-24
CVE-2023-3387 Lana Text to Image <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Lana Text to Image 6.4 Medium2023-06-24

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21570 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.