CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21536

21536 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-0867	Multiple stored and reflected Cross-site Scripting in webapp — Meridian	6.7	Medium	2023-02-23
CVE-2023-0966	SourceCodester Online Eyewear Shop cross site scripting — Online Eyewear Shop	2.4	Low	2023-02-22
CVE-2023-24810	Cross site scripting (XSS) vulnerability using authentication callback in Misskey — misskey	7.1	High	2023-02-22
CVE-2023-24811	Cross site scripting (XSS) vulnerability using url preview in Misskey — misskey	7.1	High	2023-02-22
CVE-2023-25154	Cross site scripting (XSS) of ActivityPub URI in misskey — misskey	7.1	High	2023-02-22
CVE-2023-0846	Unauthenticated, stored XSS in display of alarm reduction-key — Horizon	6.7	Medium	2023-02-22
CVE-2022-43578	IBM Sterling B2B Integrator Standard Edition cross-site scripting — Sterling B2B Integrator Standard Edition	4.6	Medium	2023-02-22
CVE-2021-4325	NHN TOAST UI Chart Legend cross site scripting — TOAST UI Chart	3.5	Low	2023-02-22
CVE-2023-0949	Cross-site Scripting (XSS) - Reflected in modoboa/modoboa — modoboa/modoboa	6.1	-	2023-02-22
CVE-2023-25811	Persistent Cross site scripting (XSS) in Uptime Kuma — uptime-kuma	6.3	Medium	2023-02-21
CVE-2023-25810	Persistent Cross site scripting (XSS) through description in status page in Uptime Kuma — uptime-kuma	6.3	Medium	2023-02-21
CVE-2023-0945	SourceCodester Best POS Management System cross site scripting — Best POS Management System	3.5	Low	2023-02-21
CVE-2023-0942	Japanized For WooCommerce <= 2.5.4 - Reflected Cross-Site Scripting — Japanized for WooCommerce	6.1	Medium	2023-02-21
CVE-2023-25928	IBM InfoSphere Information Server cross-site scripting — InfoSphere Information Server	4.6	Medium	2023-02-21
CVE-2014-125089	cention-chatserver InternalChatProtocol.fe _formatBody cross site scripting — cention-chatserver	3.5	Low	2023-02-21
CVE-2023-0934	Cross-site Scripting (XSS) - Stored in answerdev/answer — answerdev/answer	5.4	-	2023-02-21
CVE-2016-15027	meta4creations Post Duplicator Plugin notices.php mtphr_post_duplicator_notice cross site scripting — Post Duplicator Plugin	3.5	Low	2023-02-20
CVE-2016-15025	generator-hottowel 404 Error _app.js cross site scripting — generator-hottowel	3.5	Low	2023-02-20
CVE-2015-10080	NREL api-umbrella-web Admin Data Table cross site scripting — api-umbrella-web	3.5	Low	2023-02-20
CVE-2014-125088	qt-users-jp silk header.qml cross site scripting — silk	3.5	Low	2023-02-20
CVE-2021-32850	jQuery MiniColors vulnerable to Cross-site Scripting — @claviska/jquery-minicolors	6.1	Medium	2023-02-20
CVE-2021-32851	jQuery MiniColors vulnerable to Cross-site Scripting — mind-elixir	6.1	Medium	2023-02-20
CVE-2021-32852	countly-server vulnerable to Cross-site Scripting — countly-server	5.4	Medium	2023-02-20
CVE-2021-32853	Erxes vulnerable to Cross-site Scripting — erxes	6.1	Medium	2023-02-20
CVE-2021-32854	textAngular text editor vulnerable to Cross-site Scripting — textangular	6.1	Medium	2023-02-20
CVE-2021-32855	vditor vulnerable to Cross-site Scripting — vditor	6.1	Medium	2023-02-20
CVE-2021-32856	Microweber vulnerable to Cross-site Scripting — microweber	6.1	Medium	2023-02-20
CVE-2021-32857	Cockpit vulnerable to Cross-site Scripting — microweber	6.1	Medium	2023-02-20
CVE-2021-32858	esdoc-publish-html-plugin vulnerable to Cross-site Scripting — esdoc-publish-html-plugin	6.1	Medium	2023-02-20
CVE-2021-32859	Baremetrics date range picker vulnerable to Cross-site Scripting — baremetrics-calendar	6.1	Medium	2023-02-20

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21536 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21536