Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21570

21570 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-1724 Faveo Helpdesk Enterprise 6.0.1 - Privilege Escalation via Stored XSS — Faveo Helpdesk 7.3 High2023-06-24
CVE-2023-1783 OrangeScrum 2.0.11 - AWS Credentials Leak via PDF Rendering — Orangescrum 6.5 Medium2023-06-23
CVE-2023-35162 XPlatform Wiki vulnerable to cross-site scripting via xcontinue parameter in preview actions template — xwiki-platform 9.7 Critical2023-06-23
CVE-2023-35155 XWiki Platform vulnerable to cross-site scripting in target parameter via share page by email — xwiki-platform 8.8 High2023-06-23
CVE-2023-35153 XWiki Platform vulnerable to stored cross-site scripting in ClassEditSheet page via name parameters — xwiki-platform 9.1 Critical2023-06-23
CVE-2023-34464 XWiki vulnerable to stored cross-site scripting via any wiki document and the displaycontent/rendercontent template — xwiki-platform 9.1 Critical2023-06-23
CVE-2023-28751 WordPress Wp Ultimate Review Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS) — Wp Ultimate Review 5.9 Medium2023-06-23
CVE-2023-27427 WordPress CRM Memberships Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS) — CRM Memberships 5.9 Medium2023-06-23
CVE-2023-29100 WordPress The7 Theme <= 11.6.0 is vulnerable to Cross Site Scripting (XSS) — The7 7.1 High2023-06-23
CVE-2023-32580 WordPress Password Protected Plugin <= 2.6.2 is vulnerable to Cross Site Scripting (XSS) — Password Protected 5.9 Medium2023-06-23
CVE-2023-35048 WordPress Booking and Rental Manager Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS) — Booking and Rental Manager for Bike 5.9 Medium2023-06-23
CVE-2023-34021 WordPress Church Admin Plugin <= 3.7.29 is vulnerable to Cross Site Scripting (XSS) — Church Admin 7.1 High2023-06-23
CVE-2023-34012 WordPress Premium Addons PRO Plugin <= 2.8.24 is vulnerable to Cross Site Scripting (XSS) — Premium Addons PRO 7.1 High2023-06-23
CVE-2023-3382 SourceCodester Game Result Matrix System GET Parameter save-delegates.php cross site scripting — Game Result Matrix System 3.5 Low2023-06-23
CVE-2023-3381 SourceCodester Online School Fees System GET Parameter datatable.php cross site scripting — Online School Fees System 3.5 Low2023-06-23
CVE-2023-28800 Output encoding missing in redrurl parameter — Client Connector 8.1 High2023-06-22
CVE-2023-34170 WordPress Quick/Bulk Order Form for WooCommerce Plugin <= 3.5.7 is vulnerable to Cross Site Scripting (XSS) — Quick/Bulk Order Form for WooCommerce 5.9 Medium2023-06-22
CVE-2023-34006 WordPress Telegram Bot & Channel Plugin <= 3.6.2 is vulnerable to Cross Site Scripting (XSS) — Telegram Bot & Channel 5.9 Medium2023-06-22
CVE-2023-33997 WordPress bbp style pack Plugin <= 5.5.5 is vulnerable to Cross Site Scripting (XSS) — bbp style pack 7.1 High2023-06-22
CVE-2023-28774 WordPress Review Stream Plugin <= 1.6.5 is vulnerable to Cross Site Scripting (XSS) — Review Stream 5.9 Medium2023-06-22
CVE-2023-34368 WordPress Kanban Boards for WordPress Plugin <= 2.5.20 is vulnerable to Cross Site Scripting (XSS) — Kanban Boards for WordPress 5.9 Medium2023-06-22
CVE-2023-33323 WordPress ARMember Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS) — ARMember 5.9 Medium2023-06-22
CVE-2023-32239 WordPress WoodMart Theme <= 7.2.1 is vulnerable to Cross Site Scripting (XSS) — WoodMart 5.4 Medium2023-06-22
CVE-2023-28418 WordPress Mediciti Lite Theme <= 1.3.0 is vulnerable to Cross Site Scripting (XSS) — Mediciti Lite 7.1 Medium2023-06-22
CVE-2023-28174 WordPress eRocket Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS) — eRocket 5.9 Medium2023-06-22
CVE-2023-27452 WordPress Button Generator – easily Button Builder Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS) — Button Generator – easily Button Builder 5.9 Medium2023-06-22
CVE-2023-26534 WordPress WP Repost Plugin <= 0.1 is vulnerable to Cross Site Scripting (XSS) — WP Repost 5.9 Medium2023-06-22
CVE-2023-26539 WordPress Advanced Text Widget Plugin <= 2.1.2 is vulnerable to Cross Site Scripting (XSS) — Advanced Text Widget 5.9 Medium2023-06-22
CVE-2023-35918 WordPress WooCommerce Bulk Stock Management Plugin <= 2.2.33 is vulnerable to Cross Site Scripting (XSS) — Bulk Stock Management 7.1 High2023-06-22
CVE-2023-30500 WordPress WPForms plugins - Reflected Cross Site Scripting (XSS) vulnerability — WPForms Lite 5.8 Medium2023-06-22

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21570 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.