CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-33216	WordPress WooDiscuz – WooCommerce Comments Plugin <= 2.2.9 is vulnerable to Cross Site Scripting (XSS) — WooDiscuz – WooCommerce Comments	5.9	Medium	2023-05-28
CVE-2023-2949	Cross-site Scripting (XSS) - Reflected in openemr/openemr — openemr/openemr	6.1	-	2023-05-28
CVE-2023-2948	Cross-site Scripting (XSS) - Generic in openemr/openemr — openemr/openemr	5.4	-	2023-05-28
CVE-2023-2925	Webkul krayin crm Edit Person Page 2 cross site scripting — krayin crm	2.4	Low	2023-05-27
CVE-2023-2922	SourceCodester Comment System GET Parameter index.php cross site scripting — Comment System	3.5	Low	2023-05-27
CVE-2023-32686	kiwitcms vulnerable to stored XSS via unrestricted files upload — Kiwi	8.1	High	2023-05-27
CVE-2023-33195	Craft CMS XSS in RSS widget feed — cms	5.0	Medium	2023-05-27
CVE-2023-2947	Cross-site Scripting (XSS) - Stored in openemr/openemr — openemr/openemr	5.4	-	2023-05-27
CVE-2023-32325	Cross-site scripting in PostHog-js — posthog-js	5.4	Medium	2023-05-26
CVE-2023-29098	WordPress CopySafe Web Protection Plugin <= 3.13 is vulnerable to Cross Site Scripting (XSS) — CopySafe Web Protection	7.1	High	2023-05-26
CVE-2023-25781	WordPress Upload File Type Settings Plugin Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS) — Upload File Type Settings Plugin	5.9	Medium	2023-05-26
CVE-2022-45366	WordPress Slimstat Analytics Plugin <= 5.0.4 is vulnerable to Cross Site Scripting (XSS) — Slimstat Analytics	7.1	High	2023-05-25
CVE-2022-46907	Apache JSPWiki: XSS Injection points in several plugins — Apache JSPWiki	6.1	-	2023-05-25
CVE-2023-25028	WordPress CC Custom Taxonomy Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS) — CC Custom Taxonomy	5.9	Medium	2023-05-24
CVE-2023-33944	Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal	4.8	Medium	2023-05-24
CVE-2023-33943	Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal	5.4	Medium	2023-05-24
CVE-2023-33942	Liferay Portal和Liferay DXP跨站脚本漏洞 — Portal	5.4	Medium	2023-05-24
CVE-2023-33941	Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal	6.1	Medium	2023-05-24
CVE-2023-33940	Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal	4.8	Medium	2023-05-24
CVE-2023-33939	Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal	5.4	Medium	2023-05-24
CVE-2023-33938	Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal	4.8	Medium	2023-05-24
CVE-2023-33937	Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal	5.4	Medium	2023-05-24
CVE-2023-2864	SourceCodester Online Jewelry Store POST Parameter customer.php cross site scripting — Online Jewelry Store	3.5	Low	2023-05-24
CVE-2023-2862	SiteServer CMS search cross site scripting — CMS	3.5	Low	2023-05-24
CVE-2023-2498	Go Pricing - WordPress Responsive Pricing Tables <= 3.3.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Go Pricing - WordPress Responsive Pricing Tables	6.4	Medium	2023-05-23
CVE-2023-1209	ServiceNow 跨站脚本漏洞 — ServiceNow Records	4.3	Medium	2023-05-23
CVE-2023-30469	Reflrected Cross Site Scripting Vulnerability in Hitachi Ops Center Analyzer — Hitachi Ops Center Analyzer	7.6	High	2023-05-23
CVE-2023-2587	Teltonika Remote Management System 跨站脚本漏洞 — Remote Management System	7.5	High	2023-05-22
CVE-2023-2826	SourceCodester Class Scheduling System POST Parameter search_teacher_result.php cross site scripting — Class Scheduling System	3.5	Low	2023-05-21
CVE-2023-2824	SourceCodester Dental Clinic Appointment Reservation System POST Parameter service.php cross site scripting — Dental Clinic Appointment Reservation System	3.5	Low	2023-05-20

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551