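CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) — Vulnerability Class 21517

21517 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')). AI Chinese analysis included.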

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-50942 | Incinga Web 2.8.2 Client-Side Cross-Site Scripting via EventListener — Incinga Web | 5.4 | Medium | 2026-02-01 |
| CVE-2022-50940 | Knap Advanced PHP Login 3.1.3 Persistent Cross-Site Scripting via Name Parameter — Knap Advanced PHP Login | 6.4 | Medium | 2026-02-01 |
| CVE-2022-50797 | Stripe Green Downloads Wordpress Plugin 2.03 Persistent XSS via Settings — Stripe Green Downloads | 6.4 | Medium | 2026-02-01 |
| CVE-2021-47920 | WebMO Job Manager 20.0 Cross-Site Scripting via Search Parameters — WebMO Job Manager | 5.4 | Medium | 2026-02-01 |
| CVE-2021-47919 | Simple CMS 2.1 Non-Persistent Cross-Site Scripting via Preview Parameter — Simple CMS | 6.4 | Medium | 2026-02-01 |
| CVE-2021-47917 | Simple CMS 2.1 Persistent Cross-Site Scripting via User Input Parameters — Simple CMS | 6.4 | Medium | 2026-02-01 |
| CVE-2021-47914 | PHP Melody 3.0 Persistent XSS Vulnerability via Edit Video Parameter — PHP Melody | 6.4 | Medium | 2026-02-01 |
| CVE-2021-47913 | PHP Melody 3.0 Persistent Cross-Site Scripting via Video Editor — PHP Melody | 6.4 | Medium | 2026-02-01 |
| CVE-2021-47912 | PHP Melody 3.0 Non-Persistent Cross-Site Scripting via Multiple Parameters — PHP Melody | 6.4 | Medium | 2026-02-01 |
| CVE-2021-47911 | Affiliate Pro 1.7 Reflected Cross-Site Scripting via Index Module — Affiliate Pro | 5.4 | Medium | 2026-02-01 |
| CVE-2021-47908 | Ultimate POS 4.4 Persistent Cross-Site Scripting via Product Name — Unknown | 6.4 | Medium | 2026-02-01 |
| CVE-2021-47856 | Easy Cart Shopping Cart 2021 Cross-Site Scripting via Search Parameter — Easy Cart Shopping Cart | 6.4 | Medium | 2026-02-01 |
| CVE-2021-47885 | Payment Terminal Multiple Versions Non-Persistent Cross-Site Scripting — PayPal PRO Payment Terminal | 6.4 | Medium | 2026-02-01 |
| CVE-2025-14554 | Sell BTC - Cryptocurrency Selling Calculator <= 1.5 - Unauthenticated Stored Cross-Site Scripting via 'orderform_data' AJAX Action — Sell BTC – Cryptocurrency Selling Calculator | 7.2 | High | 2026-01-31 |
| CVE-2026-25156 | HotCRP vulnerable to stored XSS via comment attachments — hotcrp | 7.3 | High | 2026-01-30 |
| CVE-2020-37044 | OpenCTI 3.3.1 - Cross Site Scripting — OpenCTI | 5.4 | Medium | 2026-01-30 |
| CVE-2026-25154 | LocalSend has Stored XSS in Web Share Interface via Filename — localsend | 6.1 | Medium | 2026-01-30 |
| CVE-2026-1705 | D-Link DSL-6641K Web ad_virtual_server_vdsl cross site scripting — DSL-6641K | 2.4 | Low | 2026-01-30 |
| CVE-2026-1700 | projectworlds House Rental and Property Listing sms.php cross site scripting — House Rental and Property Listing | 3.5 | Low | 2026-01-30 |
| CVE-2020-37022 | OpenZ ERP 3.6.60 - Persistent Cross-Site Scripting — OpenZ ERP | 6.4 | Medium | 2026-01-30 |
| CVE-2020-37019 | Orchard Core RC1 - Persistent Cross-Site Scripting — Orchard Core | 6.4 | Medium | 2026-01-30 |
| CVE-2020-37014 | Tryton 5.4 - Persistent Cross-Site Scripting — Tryton | 6.4 | Medium | 2026-01-30 |
| CVE-2020-36996 | PHPFusion 9.03.50 - Persistent Cross-Site Scripting — PHPFusion | 6.4 | Medium | 2026-01-30 |
| CVE-2020-36998 | forma.lms The E-Learning Suite 2.3.0.2 - Persistent Cross-Site Scripting — E-Learning Suite | 6.4 | Medium | 2026-01-30 |
| CVE-2020-37003 | Sellacious eCommerce 4.6 - Persistent Cross-Site Scripting — Sellacious eCommerce | 6.4 | Medium | 2026-01-30 |
| CVE-2020-36966 | Dolibarr 11.0.3 - 'ldap.php' - Persistent Cross-Site Scripting — Dolibarr | 6.4 | Medium | 2026-01-30 |
| CVE-2026-24855 | ChurchCRM has Stored Cross-Site Scripting (XSS) in Create Events in Church Calendar, Leading to Account Takeover — CRM | 5.4 (AI) | Medium (AI) | 2026-01-30 |
| CVE-2025-9226 | Stored XSS — ManageEngine OpManager | 4.6 | Medium | 2026-01-30 |
| CVE-2026-1598 | Bdtask Bhojon All-In-One Restaurant Management System User Information profile cross site scripting — Bhojon All-In-One Restaurant Management System | 3.5 | Low | 2026-01-29 |
| CVE-2025-7713 | Reflected XSS in Global Medya's PHP CMS — Content Management System (CMS) | 7.5 | High | 2026-01-29 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) represent 21517 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.