Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21538

21538 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-36399 Moodle 跨站脚本漏洞 — Moodle 5.4 -2023-03-06
CVE-2021-36401 Moodle 跨站脚本漏洞 — Moodle 4.8 -2023-03-06
CVE-2023-1197 Cross-site Scripting (XSS) - Stored in uvdesk/community-skeleton — uvdesk/community-skeleton 5.4 -2023-03-06
CVE-2023-1212 Cross-site Scripting (XSS) - Stored in phpipam/phpipam — phpipam/phpipam 5.4 -2023-03-06
CVE-2015-10090 Landing Pages Plugin cross site scripting — Landing Pages Plugin 3.5 Low2023-03-05
CVE-2014-125092 MaxButtons Plugin maxbuttons-button.php maxbuttons_strip_px cross site scripting — MaxButtons Plugin 3.5 Low2023-03-05
CVE-2006-10001 Subscribe to Comments Plugin subscribe-to-comments.php cross site scripting — Subscribe to Comments Plugin 3.5 Low2023-03-05
CVE-2015-10089 flame.js cross site scripting — flame.js 3.5 Low2023-03-05
CVE-2023-1180 SourceCodester Health Center Patient Record Management System hematology_print.php cross site scripting — Health Center Patient Record Management System 3.5 Low2023-03-05
CVE-2023-1179 SourceCodester Computer Parts Sales and Inventory System Add Supplier cross site scripting — Computer Parts Sales and Inventory System 3.5 Low2023-03-05
CVE-2008-10002 cfire24 ajaxlife cross site scripting — ajaxlife 3.5 Low2023-03-05
CVE-2023-1181 Cross-site Scripting (XSS) - Stored in icret/easyimages2.0 — icret/easyimages2.0 5.4 -2023-03-05
CVE-2014-125090 Media Downloader Plugin getfile.php dl_file_resumable cross site scripting — Media Downloader Plugin 3.5 Low2023-03-04
CVE-2023-26486 Vega `scale` expression function cross site scripting — vega 6.5 Medium2023-03-03
CVE-2023-26487 Vega has cross-site scripting vulnerability in `lassoAppend` function — vega 6.5 Medium2023-03-03
CVE-2023-26491 RSSHub is vulnerable to cross-site scripting (XSS) via unvalidated URL parameters — RSSHub 5.4 Medium2023-03-03
CVE-2023-23927 Craft CMS stored cross-site scripting vulnerability — cms 6.1 Medium2023-03-03
CVE-2023-0968 Watu Quiz <= 3.3.9 - Reflected Cross-Site Scripting — Watu Quiz 6.1 Medium2023-03-03
CVE-2023-0578 Multiple XSS in ASOS Information Technologies' Book Cites — Book Cites 6.1 Medium2023-03-03
CVE-2023-0577 Multiple XSS in ASOS Information Technologies' Sobiad — SOBIAD 6.1 Medium2023-03-03
CVE-2023-20069 Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability — Cisco Prime Infrastructure 5.4 -2023-03-03
CVE-2023-20104 Cisco Webex App for Web Cross-Site Scripting Vulnerability — Cisco Webex Teams 6.1 Medium2023-03-03
CVE-2022-35645 IBM Maximo Asset Management cross-site scripting — Maximo Asset Management 6.4 Medium2023-03-02
CVE-2023-0084 Metform Elementor Contact Form Builder <= 3.1.2 - Unauthenticated Stored Cross-Site Scripting — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor 7.2 High2023-03-02
CVE-2023-1156 SourceCodester Health Center Patient Record Management System fecalysis_form.php cross site scripting — Health Center Patient Record Management System 3.5 Low2023-03-02
CVE-2023-26480 XWiki-Platform vulnerable to stored Cross-site Scripting via the HTML displayer in Live Data — xwiki-platform 8.9 High2023-03-02
CVE-2023-1155 Cost Calculator <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting — Cost Calculator 6.4 Medium2023-03-02
CVE-2021-45479 XSS in Yordam Library Automation System — Library Automation System 5.4 Medium2023-03-02
CVE-2023-22462 Stored XSS in Grafana Text plugin — grafana 6.4 Medium2023-03-02
CVE-2023-1106 Cross-site Scripting (XSS) - Reflected in flatpressblog/flatpress — flatpressblog/flatpress 6.1 -2023-03-02

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21538 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.