CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21547

21547 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-47438	WordPress Booking calendar, Appointment Booking System Plugin <= 3.2.3 is vulnerable to Cross Site Scripting (XSS) — Booking calendar, Appointment Booking System	5.9	Medium	2023-03-29
CVE-2022-47433	WordPress Multi Rating Plugin <= 5.0.5 is vulnerable to Cross Site Scripting (XSS) — Multi Rating	7.1	High	2023-03-29
CVE-2023-28158	Apache Archiva privilege escalation — Apache Archiva	6.5	Medium	2023-03-29
CVE-2023-1690	SourceCodester Earnings and Expense Tracker App cross site scripting — Earnings and Expense Tracker App	3.5	Low	2023-03-29
CVE-2023-1689	SourceCodester Earnings and Expense Tracker App cross site scripting — Earnings and Expense Tracker App	3.5	Low	2023-03-29
CVE-2023-1688	SourceCodester Earnings and Expense Tracker App cross site scripting — Earnings and Expense Tracker App	3.5	Low	2023-03-29
CVE-2023-1687	SourceCodester Simple Task Allocation System cross site scripting — Simple Task Allocation System	3.5	Low	2023-03-29
CVE-2023-1686	SourceCodester Young Entrepreneur E-Negosyo System GET Parameter index.php cross site scripting — Young Entrepreneur E-Negosyo System	3.5	Low	2023-03-29
CVE-2023-1701	Cross-site Scripting (XSS) - Reflected in pimcore/pimcore — pimcore/pimcore	5.4	-	2023-03-29
CVE-2023-1702	Cross-site Scripting (XSS) - Generic in pimcore/pimcore — pimcore/pimcore	5.4	-	2023-03-29
CVE-2023-1703	Cross-site Scripting (XSS) - Generic in pimcore/pimcore — pimcore/pimcore	5.4	-	2023-03-29
CVE-2023-1704	Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore	5.4	-	2023-03-29
CVE-2023-28447	Cross site scripting vulnerability in Javascript escaping in smarty/smarty — smarty	7.1	High	2023-03-28
CVE-2023-25704	WordPress Interactive SVG Image Map Builder Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS) — Interactive SVG Image Map Builder	5.9	Medium	2023-03-28
CVE-2022-47170	WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.48 is vulnerable to Cross Site Scripting (XSS) — Unlimited Elements For Elementor (Free Widgets, Addons, Templates)	5.9	Medium	2023-03-28
CVE-2022-46863	WordPress Quick Event Manager Plugin <= 9.6.4 is vulnerable to Cross Site Scripting (XSS) — Quick Event Manager	5.9	Medium	2023-03-28
CVE-2022-46855	WordPress Responsive Pricing Table Plugin <= 5.1.6 is vulnerable to Cross Site Scripting (XSS) — Responsive Pricing Table	6.5	Medium	2023-03-28
CVE-2022-46848	WordPress Visualizer Plugin <= 3.9.1 is vulnerable to Cross Site Scripting (XSS) — Visualizer: Tables and Charts Manager for WordPress	6.5	Medium	2023-03-28
CVE-2022-45831	WordPress Image Hover Effects - Caption Hover with Carousel Plugin <= 2.8 is vulnerable to Cross Site Scripting (XSS) — Image Hover Effects for Elementor with Lightbox and Flipbox	7.1	High	2023-03-28
CVE-2022-45825	WordPress WPComplete Plugin <= 2.9.4 is vulnerable to Cross Site Scripting (XSS) — WPComplete	7.1	High	2023-03-28
CVE-2023-28629	Stored XSS possible on VSM and Job Details pages via malicious pipeline label configuration in gocd — gocd	5.4	Medium	2023-03-27
CVE-2022-48429	JetBrains Hub 跨站脚本漏洞 — Hub	4.6	Medium	2023-03-27
CVE-2022-48428	JetBrains TeamCity 跨站脚本漏洞 — TeamCity	4.6	Medium	2023-03-27
CVE-2022-48426	JetBrains TeamCity 跨站脚本漏洞 — TeamCity	4.6	Medium	2023-03-27
CVE-2022-48427	JetBrains TeamCity 跨站脚本漏洞 — TeamCity	4.6	Medium	2023-03-27
CVE-2023-22707	WordPress Greenshift – animation and page builder blocks Plugin <= 4.9.9 is vulnerable to Cross Site Scripting (XSS) — Greenshift – animation and page builder blocks	5.9	Medium	2023-03-27
CVE-2022-47146	WordPress Real Estate 7 Theme <= 3.3.1 is vulnerable to Cross Site Scripting (XSS) — Real Estate 7 WordPress	7.1	High	2023-03-27
CVE-2022-46843	WordPress Woocommerce Vietnam Checkout Plugin <= 2.0.4 is vulnerable to Cross Site Scripting (XSS) — Woocommerce Vietnam Checkout	7.1	High	2023-03-27
CVE-2023-22249	Adobe Commerce Stored XSS Arbitrary code execution — Magento Commerce	4.8	Medium	2023-03-27
CVE-2023-22902	Openfind Mail2000 - XSS — Mail2000	5.4	Medium	2023-03-27

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21547 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21547