CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21538

21538 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-1302	SourceCodester File Tracker Manager System borrow1.php cross site scripting — File Tracker Manager System	3.5	Low	2023-03-09
CVE-2023-1286	Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore	5.4	-	2023-03-09
CVE-2023-1278	IBOS index.php cross site scripting — IBOS	3.5	Low	2023-03-08
CVE-2023-1275	SourceCodester Phone Shop Sales Managements System CAPTCHA index.php cross site scripting — Phone Shop Sales Managements System	3.5	Low	2023-03-08
CVE-2023-1270	Cross-site Scripting in btcpayserver/btcpayserver — btcpayserver/btcpayserver	5.4	-	2023-03-08
CVE-2022-40676	Fortinet FortiNAC 跨站脚本漏洞 — FortiNAC	7.1	High	2023-03-07
CVE-2023-1254	SourceCodester Health Center Patient Record Management System birthing_print.php cross site scripting — Health Center Patient Record Management System	3.5	Low	2023-03-07
CVE-2023-1237	Cross-site Scripting (XSS) - Stored in answerdev/answer — answerdev/answer	5.4	-	2023-03-07
CVE-2023-1238	Cross-site Scripting (XSS) - Stored in answerdev/answer — answerdev/answer	5.4	-	2023-03-07
CVE-2023-1239	Cross-site Scripting (XSS) - Reflected in answerdev/answer — answerdev/answer	6.1	-	2023-03-07
CVE-2023-1240	Cross-site Scripting (XSS) - Stored in answerdev/answer — answerdev/answer	5.4	-	2023-03-07
CVE-2023-1241	Cross-site Scripting (XSS) - Stored in answerdev/answer — answerdev/answer	5.4	-	2023-03-07
CVE-2023-1242	Cross-site Scripting (XSS) - Stored in answerdev/answer — answerdev/answer	5.4	-	2023-03-07
CVE-2023-1243	Cross-site Scripting (XSS) - Stored in answerdev/answer — answerdev/answer	5.4	-	2023-03-07
CVE-2023-1244	Cross-site Scripting (XSS) - Stored in answerdev/answer — answerdev/answer	5.4	-	2023-03-07
CVE-2023-1245	Cross-site Scripting (XSS) - Stored in answerdev/answer — answerdev/answer	5.4	-	2023-03-07
CVE-2015-10095	woo-popup Plugin class-woo-popup-admin.php cross site scripting — woo-popup Plugin	3.5	Low	2023-03-06
CVE-2023-27472	HTML tags in entity names in the tree view are not sanitised in quickentity-editor-next — quickentity-editor-next	8.2	High	2023-03-06
CVE-2023-27474	HTML Injection in Password Reset email to custom Reset URL in directus — directus	8.0	High	2023-03-06
CVE-2023-1200	ehuacui bbs cross site scripting — bbs	3.5	Low	2023-03-06
CVE-2022-4930	nuxsmin sysPass URL cross site scripting — sysPass	3.5	Low	2023-03-06
CVE-2015-10094	Fastly Plugin api.php post cross site scripting — Fastly Plugin	2.4	Low	2023-03-06
CVE-2022-2178	XSS in Saysis' Starcities — Starcities	6.1	Medium	2023-03-06
CVE-2015-10093	Mark User as Spammer Plugin plugin.php user_row_actions cross site scripting — Mark User as Spammer Plugin	2.6	Low	2023-03-06
CVE-2023-22857	Stored cross-site scripting in BlogEngine.NET version 3.3.8.0 — BlogEngine.NET	8.5	High	2023-03-06
CVE-2023-22856	Stored cross-site scripting in BlogEngine.NET version 3.3.8.0 — BlogEngine.NET	8.5	High	2023-03-06
CVE-2015-10092	Qtranslate Slug Plugin class-qtranslate-slug.php add_slug_meta_box cross site scripting — Qtranslate Slug Plugin	3.5	Low	2023-03-06
CVE-2022-4929	icplayer tts-utils.js cross site scripting — icplayer	3.5	Low	2023-03-06
CVE-2022-4928	icplayer presenter.js AddonText_Selection_create cross site scripting — icplayer	3.5	Low	2023-03-06
CVE-2021-36398	Moodle 跨站脚本漏洞 — Moodle	5.4	-	2023-03-06

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21538 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21538