CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-43376	Schneider Electric NetBotz 跨站脚本漏洞 — NetBotz 4 - 355/450/455/550/570	7.6	High	2023-04-18
CVE-2023-2155	SourceCodester Air Cargo Management System cross site scripting — Air Cargo Management System	2.4	Low	2023-04-18
CVE-2023-2153	SourceCodester Complaint Management System POST Parameter editable_ajax.php cross site scripting — Complaint Management System	3.5	Low	2023-04-18
CVE-2022-45836	WordPress Download Manager Plugin <= 3.2.59 is vulnerable to Cross Site Scripting (XSS) — Download Manager	7.1	Medium	2023-04-18
CVE-2022-44632	WordPress Content Repeater – Custom Posts Simplified Plugin <= 1.1.13 is vulnerable to Cross Site Scripting (XSS) — Content Repeater – Custom Posts Simplified	4.8	Medium	2023-04-18
CVE-2022-44735	WordPress WP Clictracker Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS) — WP Clictracker	4.8	Medium	2023-04-18
CVE-2022-45839	WordPress WHA Puzzle Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS) — WHA Puzzle	5.3	Medium	2023-04-18
CVE-2022-45838	WordPress ARForms Form Builder Plugin <= 1.5.5 is vulnerable to Cross Site Scripting (XSS) — ARForms Form Builder	6.1	Medium	2023-04-18
CVE-2023-2120	Thumbnail carousel slider <= 1.1.9 - Reflected Cross-Site Scripting — Thumbnail carousel slider	6.1	Medium	2023-04-18
CVE-2023-2119	Responsive Filterable Portfolio <= 1.0.19 - Reflected Cross-Site Scripting — Responsive Filterable Portfolio	6.1	Medium	2023-04-18
CVE-2022-46389	Cross-Site Scripting (XSS) vulnerability found on logout functionality — Now Platform	6.1	Medium	2023-04-17
CVE-2023-2109	Cross-site Scripting (XSS) - DOM in chatwoot/chatwoot — chatwoot/chatwoot	6.1	-	2023-04-17
CVE-2022-45849	WordPress Activello Theme <= 1.4.4 is vulnerable to Cross Site Scripting (XSS) — Activello	5.4	Medium	2023-04-16
CVE-2022-44734	WordPress Car Rental by BestWebSoft Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS) — Car Rental by BestWebSoft	4.8	Medium	2023-04-16
CVE-2022-43458	WordPress Advanced Floating Content Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS) — Advanced Floating Content	4.1	Medium	2023-04-16
CVE-2022-43480	WordPress Homepage Pop-up Plugin <= 1.2.5 is vulnerable to Cross Site Scripting (XSS) — Homepage Pop-up	6.1	Medium	2023-04-16
CVE-2023-29506	org.xwiki.platform:xwiki-platform-security-authentication-default XSS with authenticated endpoints — xwiki-platform	5.4	Medium	2023-04-16
CVE-2015-10101	Google Analytics Top Content Widget Plugin class-tgm-plugin-activation.php cross site scripting — Google Analytics Top Content Widget Plugin	3.5	Low	2023-04-15
CVE-2023-29207	Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro — xwiki-platform	8.9	High	2023-04-15
CVE-2023-29206	org.xwiki.platform:xwiki-platform-skin-skinx vulnerable to basic Cross-site Scripting by exploiting JSX or SSX plugins — xwiki-platform	9.1	Critical	2023-04-15
CVE-2023-29205	org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro — xwiki-platform	10.0	Critical	2023-04-15
CVE-2023-29202	org.xwiki.platform:xwiki-platform-rendering-macro-rss Cross-site Scripting vulnerability — xwiki-platform	9.1	Critical	2023-04-15
CVE-2023-29201	org.xwiki.commons:xwiki-commons-xml Cross-site Scripting vulnerability — xwiki-commons	9.1	Critical	2023-04-15
CVE-2023-2100	SourceCodester Vehicle Service Management System index.php cross site scripting — Vehicle Service Management System	3.5	Low	2023-04-15
CVE-2023-2099	SourceCodester Vehicle Service Management System Users.php cross site scripting — Vehicle Service Management System	3.5	Low	2023-04-15
CVE-2023-2098	SourceCodester Vehicle Service Management System topBarNav.php cross site scripting — Vehicle Service Management System	3.5	Low	2023-04-15
CVE-2023-2102	Cross-site Scripting (XSS) - Stored in alextselegidis/easyappointments — alextselegidis/easyappointments	5.4	-	2023-04-15
CVE-2023-2103	Cross-site Scripting (XSS) - Stored in alextselegidis/easyappointments — alextselegidis/easyappointments	5.4	-	2023-04-15
CVE-2023-2077	Campcodes Online Traffic Offense Management System view_details.php cross site scripting — Online Traffic Offense Management System	3.5	Low	2023-04-14
CVE-2023-2076	Campcodes Online Traffic Offense Management System Users.phpp cross site scripting — Online Traffic Offense Management System	3.5	Low	2023-04-14

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551