Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535

21535 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-44591 WordPress Anthologize plugin <= 0.8.0 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — Anthologize (WordPress plugin) 4.8 Medium2022-11-17
CVE-2022-36357 WordPress ULTIMATE TABLES plugin <= 1.6.5 - Unauth. Reflected Cross-Site Scripting (XSS) vulnerability — ULTIMATE TABLES 6.1 Medium2022-11-17
CVE-2022-45375 WordPress iFeature Slider plugin <= 1.2 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — iFeature Slider (WordPress plugin) 5.4 Medium2022-11-17
CVE-2021-36905 WordPress Quiz And Survey Master plugin <= 7.3.4 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities — Quiz And Survey Master (WordPress plugin) 5.4 Medium2022-11-17
CVE-2022-38390 IBM Business Automation Workflow 跨站脚本漏洞 — Business Automation Workflow 5.4 Medium2022-11-17
CVE-2022-42000 Potential XSS in comment section — BlueSpice 3.3 Low2022-11-15
CVE-2022-42001 Potential XSS in book navigation — BlueSpice 3.3 Low2022-11-15
CVE-2022-3958 Potential XSS on personal menu navigation — BlueSpice 3.3 Low2022-11-15
CVE-2022-41611 Potential XSS on sidebar navigation — BlueSpice 2.3 Low2022-11-15
CVE-2022-41789 Potential XSS on default page header — BlueSpice 3.3 Low2022-11-15
CVE-2022-41814 Potential XSS in history view — BlueSpice 3.3 Low2022-11-15
CVE-2022-3893 Potential XSS on custom menu navigation — BlueSpice 2.3 Low2022-11-15
CVE-2022-3895 Potential XSS in common user interface component library — Common User Interface Component 4.0 Medium2022-11-15
CVE-2022-34317 IBM CICS TX cross-site scripting — CICS TX 5.4 Medium2022-11-14
CVE-2022-34315 IBM CICS TX cross-site scripting — CICS TX 5.4 Medium2022-11-14
CVE-2022-3415 Chat Bubble < 2.3 - Unauthenticated Stored Cross-Site Scripting — Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back 6.1 -2022-11-14
CVE-2022-3469 WP Attachments < 5.0.5 - Admin+ Stored Cross-Site Scripting — WP Attachments 4.8 -2022-11-14
CVE-2022-3484 WPB Show Core - Reflected Cross-Site Scripting — wpb-show-core 6.1 -2022-11-14
CVE-2022-3539 Testimonials (Free < 2.7, Pro < 1.0.8) - Admin+ Stored Cross-Site Scripting — Testimonials 4.8 -2022-11-14
CVE-2022-3578 ProfileGrid < 5.1.1 - Reflected Cross-Site Scripting — ProfileGrid – User Profiles, Memberships, Groups and Communities 6.1 -2022-11-14
CVE-2022-3631 OAuth Client by DigitialPixies <= 1.1.0 - Admin+ Stored Cross-Site Scripting — OAuth Client by DigitialPixies 4.8 -2022-11-14
CVE-2022-40753 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information Server 5.4 Medium2022-11-11
CVE-2022-36776 IBM Cloud Pak for Security 跨站脚本漏洞 — Cloud Pak for Security 5.4 Medium2022-11-11
CVE-2022-40750 IBM WebSphere Application Server cross-site scripting — WebSphere Application Server 5.4 Medium2022-11-11
CVE-2022-41905 wsgidav is vulnerable to Cross-Site Scripting (XSS) when directory browsing is enabled — wsgidav 8.2 High2022-11-11
CVE-2022-20936 Cisco Firepower Management Center 跨站脚本漏洞 — Cisco Firepower Management Center 4.8 Medium2022-11-10
CVE-2022-20935 Cisco Firepower Management Center 跨站脚本漏洞 — Cisco Firepower Management Center 4.8 Medium2022-11-10
CVE-2022-20932 Cisco Firepower Management Center 跨站脚本漏洞 — Cisco Firepower Management Center 4.8 Medium2022-11-10
CVE-2022-20905 Cisco Firepower Management Center 跨站脚本漏洞 — Cisco Firepower Management Center 4.8 Medium2022-11-10
CVE-2022-20872 Cisco Firepower Management Center 跨站脚本漏洞 — Cisco Firepower Management Center 4.8 Medium2022-11-10

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21535 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.