Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-44743 WordPress Jobs for WordPress Plugin <= 2.5.11.2 is vulnerable to Cross Site Scripting (XSS) — Jobs for WordPress 6.5 Medium2023-04-23
CVE-2022-45361 WordPress 0mk Shortener Plugin <= 0.2 is vulnerable to Cross Site Scripting (XSS) — 0mk Shortener 5.9 Medium2023-04-23
CVE-2023-24404 WordPress Marketing Performance Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS) — Marketing Performance 7.1 High2023-04-23
CVE-2023-24386 WordPress AI Contact Us Form Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS) — AI Contact Us Form 5.9 Medium2023-04-23
CVE-2023-22698 WordPress Theme Blvd Responsive Google Maps Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS) — Theme Blvd Responsive Google Maps 6.5 Medium2023-04-23
CVE-2023-22718 WordPress User Meta Manager Plugin <= 3.4.9 is vulnerable to Cross Site Scripting (XSS) — User Meta Manager 7.1 High2023-04-23
CVE-2022-47435 WordPress WP-OliveCart Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS) — WP-OliveCart 5.9 Medium2023-04-23
CVE-2022-44594 WordPress All in One Time Clock Lite Plugin <= 1.3.320 is vulnerable to Cross Site Scripting (XSS) — All in One Time Clock Lite 4.8 Medium2023-04-23
CVE-2022-44582 WordPress Apptivo Business Site CRM Plugin <= 3.0.12 is vulnerable to Cross Site Scripting (XSS) — Apptivo Business Site CRM 4.8 Medium2023-04-23
CVE-2022-44631 WordPress 1app Business Forms Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS) — 1app Business Forms 4.8 Medium2023-04-23
CVE-2023-1875 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq — thorsten/phpmyfaq 5.4 Medium2023-04-22
CVE-2023-2139 Reflected Cross-site Scripting vulnerability affecting DELMIA Apriso Release 2017 through Release 2022 — DELMIA Apriso 5.4 Medium2023-04-21
CVE-2023-2220 Dream Technology mica Form Object cross site scripting — mica 3.5 Low2023-04-21
CVE-2023-2219 SourceCodester Task Reminder System Users.php cross site scripting — Task Reminder System 3.5 Low2023-04-21
CVE-2023-2216 Campcodes Coffee Shop POS System Users.php cross site scripting — Coffee Shop POS System 3.5 Low2023-04-21
CVE-2022-47509 SolarWinds Platform Incorrect Input Neutralization Vulnerability — SolarWinds Platform 6.1 Medium2023-04-21
CVE-2023-29528 Cross-site Scripting in org.xwiki.commons:xwiki-commons-xml — xwiki-commons 9.1 Critical2023-04-20
CVE-2023-23938 Cross-site Scripting (XSS) through the name of a color of select box values in tuleap — tuleap 5.9 Medium2023-04-20
CVE-2023-1767 Snyk Advisor 跨站脚本漏洞 — Snyk Advisor 4.3 Medium2023-04-20
CVE-2022-4942 mportuga eslint-detailed-reporter template-generator.js renderIssue cross site scripting — eslint-detailed-reporter 3.5 Low2023-04-20
CVE-2023-2191 Cross-site Scripting (XSS) - Stored in azuracast/azuracast — azuracast/azuracast 5.4 -2023-04-20
CVE-2023-30614 Improper Neutralization of Script-Related HTML Tags in a Web Page in pay — pay 7.1 High2023-04-19
CVE-2023-2170 TaxoPress <= 3.6.4 - Authenticated (Editor+) Stored Cross-Site Scripting — Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI 5.5 Medium2023-04-19
CVE-2023-2169 TaxoPress <= 3.6.4 - Authenticated (Editor+) Stored Cross-Site Scripting — Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI 5.5 Medium2023-04-19
CVE-2023-2168 TaxoPress <= 3.6.4 - Authenticated (Editor+) Stored Cross-Site Scripting — Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI 5.5 Medium2023-04-19
CVE-2023-29515 Cross-site scripting (XSS) in xwiki-platform — xwiki-platform 7.7 High2023-04-18
CVE-2023-30538 Stored Cross-site Scripting via improper sanitization of svg files in Discourse — discourse 5.4 Medium2023-04-18
CVE-2023-29196 HTML injection via topic embedding in Discourse — discourse 4.2 Medium2023-04-18
CVE-2023-25553 Schneider Electric StruxureWare Data Center Expert 跨站脚本漏洞 — StruxureWare Data Center Expert 6.1 Medium2023-04-18
CVE-2023-25551 Schneider Electric StruxureWare Data Center Expert 跨站脚本漏洞 — StruxureWare Data Center Expert 6.1 Medium2023-04-18

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.