Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-2730 Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore 5.4 -2023-05-16
CVE-2023-31145 Reflected XSS vulnerability in CollaboraOnline — online 4.3 Medium2023-05-15
CVE-2023-23682 WordPress EZP Maintenance Mode Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS) — EZP Maintenance Mode 5.9 Medium2023-05-15
CVE-2023-23654 WordPress SparkPost Plugin <= 3.2.5 is vulnerable to Cross Site Scripting (XSS) — SparkPost 5.9 Medium2023-05-15
CVE-2023-23683 WordPress White Label Branding for Elementor Page Builder Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS) — White Label Branding for Elementor Page Builder 5.9 Medium2023-05-15
CVE-2023-23674 WordPress WP Original Media Path Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS) — WP Original Media Path 5.9 Medium2023-05-15
CVE-2023-23688 WordPress Social Share Boost Plugin <= 4.4 is vulnerable to Cross Site Scripting (XSS) — Social Share Boost 6.5 Medium2023-05-15
CVE-2023-22717 WordPress FormCraft Plugin <= 1.2.6 is vulnerable to Cross Site Scripting (XSS) — FormCraft 6.5 Medium2023-05-15
CVE-2023-22706 WordPress PropertyHive Plugin <= 1.5.48 is vulnerable to Cross Site Scripting (XSS) — PropertyHive 7.1 High2023-05-15
CVE-2023-22703 WordPress WCP Contact Form Plugin <= 3.1.0 is vulnerable to Cross Site Scripting (XSS) — WCP Contact Form 7.1 High2023-05-15
CVE-2023-22690 WordPress Ebook Store Plugin <= 5.775 is vulnerable to Cross Site Scripting (XSS) — Ebook Store 5.9 Medium2023-05-15
CVE-2023-22684 WordPress Subscribers – Free Web Push Notifications Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS) — Subscribers 5.9 Medium2023-05-15
CVE-2023-2692 SourceCodester ICT Laboratory Management System GET Parameter room_info.php cross site scripting — ICT Laboratory Management System 3.5 Low2023-05-14
CVE-2023-2691 SourceCodester Personnel Property Equipment System POST Parameter add_item.php cross site scripting — Personnel Property Equipment System 3.5 Low2023-05-14
CVE-2023-22685 WordPress Category Specific RSS feed Subscription Plugin <= v2.2 is vulnerable to Cross Site Scripting (XSS) — Category Specific RSS feed Subscription 5.9 Medium2023-05-12
CVE-2023-25460 WordPress Easy Ad Manager Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS) — Easy Ad Manager 5.9 Medium2023-05-12
CVE-2023-25958 WordPress Simple Tooltips Plugin <= 2.1.4 is vulnerable to Cross Site Scripting (XSS) — Simple Tooltips 5.9 Medium2023-05-12
CVE-2023-28414 WordPress ApexChat Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS) — ApexChat 5.9 Medium2023-05-12
CVE-2023-23810 WordPress Panorama – WordPress Project Management Plugin Plugin <= 1.5 is vulnerable to Cross Site Scripting (XSS) — Panorama 5.9 Medium2023-05-12
CVE-2023-23867 WordPress Button Builder – Buttons X Plugin <= 0.8.6 is vulnerable to Cross Site Scripting (XSS) — Button Builder – Buttons X 6.5 Medium2023-05-12
CVE-2023-2678 SourceCodester File Tracker Manager System POST Parameter save_user.php cross site scripting — File Tracker Manager System 3.5 Low2023-05-12
CVE-2023-2671 SourceCodester Lost and Found Information System Contact Form cross site scripting — Lost and Found Information System 3.5 Low2023-05-12
CVE-2023-2667 SourceCodester Lost and Found Information System cross site scripting — Lost and Found Information System 3.5 Low2023-05-12
CVE-2023-28520 IBM Planning Analytics Local cross-site scripting — Planning Analytics Local 6.4 Medium2023-05-12
CVE-2021-39036 IBM Cognos Analytics cross-site scripting — Cognos Analytics 6.1 Medium2023-05-12
CVE-2023-29022 Rockwell Automation ArmorStart ST Vulnerable to Cross-Site Scripting Attack — ArmorStart ST 4.7 Medium2023-05-11
CVE-2023-29029 Rockwell Automation ArmorStart ST Vulnerable to Cross-Site Scripting Attack — ArmorStart ST 4.7 Medium2023-05-11
CVE-2023-29028 Rockwell Automation ArmorStart ST Vulnerable to Cross-Site Scripting Attack — ArmorStart ST 4.7 Medium2023-05-11
CVE-2023-29027 Rockwell Automation ArmorStart ST Vulnerable to Cross-Site Scripting Attack — ArmorStart ST 4.7 Medium2023-05-11
CVE-2023-29025 Rockwell Automation ArmorStart ST Vulnerable to Cross-Site Scripting Attack — ArmorStart ST 4.7 Medium2023-05-11

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.