Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535

21535 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-4029 Simple:Press <= 6.8 - Reflected Cross-Site Scripting via Cookie Value — Simple:Press Forum 4.7 Medium2022-11-29
CVE-2022-4028 Simple:Press <= 6.8 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Profile Signatures — Simple:Press Forum 6.4 Medium2022-11-29
CVE-2022-4027 Simple:Press <= 6.8 - Unauthenticated Stored Cross-Site Scripting via Forum Replies — Simple:Press Forum 7.2 High2022-11-29
CVE-2022-46148 Discourse allows self-XSS through malicious composer message — discourse 7.1 High2022-11-29
CVE-2022-46147 Drag and Drop XBlock v2 has XSS Issues in Xblock Input Fields — xblock-drag-and-drop-v2 8.4 High2022-11-28
CVE-2022-39325 Cross-site scripting vulnerability in BaserCMS — basercms 4.6 Medium2022-11-25
CVE-2022-39331 Cross-site Scripting (XSS) in Nexcloud Desktop Client — security-advisories 4.6 Medium2022-11-25
CVE-2022-39332 Cross-site scripting (XSS) in Nextcloud Desktop Client — security-advisories 4.6 Medium2022-11-25
CVE-2022-39333 Cross-site scripting (XSS) in Nextcloud Desktop Client — security-advisories 4.6 Medium2022-11-25
CVE-2022-45150 Moodle 跨站脚本漏洞 — Moodle 6.1 -2022-11-23
CVE-2022-45151 Moodle 跨站脚本漏洞 — Moodle 5.4 -2022-11-23
CVE-2022-45363 WordPress Betheme premium theme <= 26.6.1 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — Betheme 5.4 Medium2022-11-22
CVE-2022-4105 Cross-site Scripting (XSS) - Stored in kiwitcms/kiwi — kiwitcms/kiwi 5.4 -2022-11-21
CVE-2022-3516 Cross-site Scripting (XSS) - Stored in librenms/librenms — librenms/librenms 5.4 -2022-11-20
CVE-2022-3561 Cross-site Scripting (XSS) - Generic in librenms/librenms — librenms/librenms 6.1 -2022-11-20
CVE-2022-3562 Cross-site Scripting (XSS) - Stored in librenms/librenms — librenms/librenms 5.4 -2022-11-20
CVE-2022-4067 Cross-site Scripting (XSS) - Stored in librenms/librenms — librenms/librenms 5.4 -2022-11-20
CVE-2022-4069 Cross-site Scripting (XSS) - Generic in librenms/librenms — librenms/librenms 6.1 -2022-11-20
CVE-2022-41938 Cross site scripting vulnerability with discussion titles in flarum — framework 9.0 Critical2022-11-19
CVE-2022-41643 WordPress Accessibility plugin <= 1.0.3 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — Accessibility (WordPress plugin) 4.8 Medium2022-11-18
CVE-2022-40963 WordPress WP Page Builder plugin <= 1.2.6 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities — WP Page Builder (WordPress plugin) 4.8 Medium2022-11-18
CVE-2022-41788 WordPress Soledad premium theme <= 8.2.5 - Auth. Cross-Site Scripting (XSS) vulnerability — Soledad (WordPress theme) 5.4 Medium2022-11-18
CVE-2022-45082 WordPress Accordions plugin <= 2.0.3 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities — Accordions – Multiple Accordions or FAQs Builder (WordPress plugin) 3.4 Low2022-11-18
CVE-2022-40698 WordPress Quiz And Survey Master plugin <= 7.3.10 - Cross-Site Scripting (XSS) vulnerability — Quiz And Survey Master (WordPress plugin) 5.4 Medium2022-11-18
CVE-2022-43463 WordPress Custom Product Tabs for WooCommerce plugin <= 1.7.9 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — Custom Product Tabs for WooCommerce (WordPress plugin) 4.8 Medium2022-11-18
CVE-2021-37936 Elastic Kibana 跨站脚本漏洞 — Kibana 6.1 -2022-11-18
CVE-2022-39181 GLPI - Reports plugin for GLPI Reflected Cross-Site-Scripting (RXSS) — Reports plugin for GLPI 6.1 Medium2022-11-17
CVE-2022-40694 WordPress News Announcement Scroll plugin <= 8.8.8 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — News Announcement Scroll (WordPress plugin) 4.8 Medium2022-11-17
CVE-2022-44736 WordPress Chameleon plugin <= 1.4.3 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — Chameleon (WordPress plugin) 4.8 Medium2022-11-17
CVE-2022-41315 WordPress Ezoic plugin <= 2.8.8 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — Ezoic (WordPress plugin) 4.8 Medium2022-11-17

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21535 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.