CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535

21535 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-45816	WordPress GD bbPress Attachments Plugin <= 4.3.1 is vulnerable to Cross Site Scripting (XSS) — GD bbPress Attachments	4.8	Medium	2022-12-06
CVE-2022-45848	WordPress Contest Gallery Plugin <= 13.1.0.9 is vulnerable to Cross Site Scripting (XSS) — Contest Gallery	6.1	Medium	2022-12-06
CVE-2022-46332	Proofpoint Enterprise Protection (PPS/PoD) XSS in "Attachment Names" — enterprise_protection	9.6	Critical	2022-12-06
CVE-2022-23475	dalorRadius full account take over — daloradius	8.8	High	2022-12-06
CVE-2022-23466	DOM-based cross-site scripting (XSS) in teler dashboard — teler	5.4	Medium	2022-12-06
CVE-2022-38379	Fortinet FortiSOAR 跨站脚本漏洞 — FortiSOAR	3.4	Low	2022-12-06
CVE-2022-40680	Fortinet FortiOS 跨站脚本漏洞 — FortiProxy	3.8	Medium	2022-12-06
CVE-2022-40209	WP Smart Import plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS) — WP Smart Import	6.1	Medium	2022-12-06
CVE-2022-46151	Reflected XSS — querybook	6.3	Medium	2022-12-06
CVE-2022-40603	Zyxel USG/ZyWALL 跨站脚本漏洞 — ZyWALL/USG series firmware	4.7	Medium	2022-12-06
CVE-2022-43556	PortlandLabs Concrete CMS 跨站脚本漏洞 — https://github.com/concretecms/concretecms	6.1	-	2022-12-05
CVE-2022-40968	WordPress 2kb Amazon Affiliates Store Plugin <= 2.1.5 is vulnerable to Cross Site Scripting (XSS) — 2kb Amazon Affiliates Store	4.8	Medium	2022-12-04
CVE-2022-4216	Chained Quiz <= 1.3.2.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Facebook App ID — Chained Quiz	5.5	Medium	2022-12-02
CVE-2022-4217	Chained Quiz <= 1.3.2.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Mailchimp API Key — Chained Quiz	5.5	Medium	2022-12-02
CVE-2022-4212	Chained Quiz <= 1.3.2 - Reflected Cross-Site Scripting via ipf — Chained Quiz	6.1	Medium	2022-12-02
CVE-2022-4211	Chained Quiz <= 1.3.2 - Reflected Cross-Site Scripting via emailf — Chained Quiz	6.1	Medium	2022-12-02
CVE-2022-4210	Chained Quiz <= 1.3.2 - Reflected Cross-Site Scripting via dnf — Chained Quiz	6.1	Medium	2022-12-02
CVE-2022-4209	Chained Quiz <= 1.3.2 - Reflected Cross-Site Scripting via pointsf — Chained Quiz	6.1	Medium	2022-12-02
CVE-2022-4208	Chained Quiz <= 1.3.2 - Reflected Cross-Site Scripting via datef — Chained Quiz	6.1	Medium	2022-12-02
CVE-2022-4213	Chained Quiz <= 1.3.2.2 - Reflected Cross-Site Scripting via dn — Chained Quiz	6.1	Medium	2022-12-02
CVE-2022-4214	Chained Quiz <= 1.3.2.3 - Reflected Cross-Site Scripting via ip — Chained Quiz	6.1	Medium	2022-12-02
CVE-2022-4215	Chained Quiz <= 1.3.2.3 - Reflected Cross-Site Scripting via date — Chained Quiz	6.1	Medium	2022-12-02
CVE-2022-4271	Cross-site Scripting (XSS) - Reflected in osticket/osticket — osticket/osticket	5.4	-	2022-12-02
CVE-2022-45050	Reflected XSS in Axiell Iguana CMS — Iguana	6.1	Medium	2022-12-01
CVE-2022-40204	Digital Alert Systems DASDEC EAS 跨站脚本漏洞 — DASDEC	4.1	Medium	2022-11-30
CVE-2019-18265	Digital Alert Systems DASDEC EAS 跨站脚本漏洞 — DASDEC	4.7	Medium	2022-11-30
CVE-2022-3991	Photospace Gallery <= 2.3.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting — Photospace Gallery	6.4	Medium	2022-11-29
CVE-2022-3897	WP Affiliate Platform <= 6.3.9 - Authenticated (Administrator+) Stored Cross-Site Scripting — WP Affiliate Platform	5.5	Medium	2022-11-29
CVE-2022-3896	WP Affiliate Platform <= 6.3.9 - Reflected Cross-Site Scripting — WP Affiliate Platform	6.1	Medium	2022-11-29
CVE-2022-4035	Appointment Hour Booking <= 1.3.72 - Unauthenticated iFrame Injection via Appointment Form — Appointment Hour Booking – Booking Calendar	7.2	High	2022-11-29

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21535 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535