Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535

21535 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-3402 Log HTTP Requests <= 1.3.1 - Stored Cross-Site Scripting — Log HTTP Requests 6.1 Medium2022-10-28
CVE-2021-36864 WordPress Quiz And Survey Master plugin <= 7.3.4 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability — Quiz And Survey Master (WordPress plugin) 3.4 Low2022-10-28
CVE-2021-36863 WordPress Quiz And Survey Master plugin <= 7.3.4 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — Quiz And Survey Master (WordPress plugin) 5.4 Medium2022-10-28
CVE-2021-36858 WordPress Testimonials plugin <= 2.6 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — Testimonials (WordPress plugin) 4.8 Medium2022-10-28
CVE-2021-36206 CEVAS — CEVAS 10.0 Critical2022-10-28
CVE-2022-41651 Delta Electronics DIAEnergie — DIAEnergie 8.7 High2022-10-27
CVE-2022-41702 Delta Electronics DIAEnergie — DIAEnergie 8.7 High2022-10-27
CVE-2022-40965 Delta Electronics DIAEnergie — DIAEnergie 8.7 High2022-10-27
CVE-2022-41555 Delta Electronics DIAEnergie — DIAEnergie 8.7 High2022-10-27
CVE-2022-41701 Delta Electronics DIAEnergie — DIAEnergie 8.7 High2022-10-27
CVE-2021-45476 Information disclosure in Yordam Library Information Document Automation Program — Yordam Library Information Document Automation Program 4.7 Medium2022-10-27
CVE-2022-40183 Reflected Cross Site Scripting (XSS) in VIDEOJET multi 4000 — VIDEOJET multi 4000 5.8 Medium2022-10-27
CVE-2022-40184 Stored Cross Site Scripting (XSS) in VIDEOJET multi 4000 — VIDEOJET multi 4000 5.1 Medium2022-10-27
CVE-2022-20959 Cisco Identity Services Engine Cross-Site Scripting Vulnerability — Cisco Identity Services Engine Software 6.1 Medium2022-10-26
CVE-2022-38195 BUG-000150540 - Reflected XSS vulnerability in ArcGIS Server — ArcGIS Server 6.1 Medium2022-10-25
CVE-2022-38198 BUG-000146513 - Reflected XSS vulnerability in ArcGIS Server — ArcGIS Server 6.1 Medium2022-10-25
CVE-2022-38200 BUG-000142376 - Reflected Cross-Site Scripting (XSS) vulnerability in ArcGIS Server. — ArcGIS Server 6.1 Medium2022-10-25
CVE-2022-3350 Contact Bank <= 3.0.30 - Admin+ Stored Cross-Site Scripting — Contact Bank – Contact Form Builder for WordPress 4.8 -2022-10-25
CVE-2022-3391 Retain Live Chat <= 0.1 - Admin+ Stored Cross-Site Scripting — Retain Live Chat 4.8 -2022-10-25
CVE-2022-3392 WP Humans.txt <= 1.0.6 - Admin+ Stored Cross-Site Scripting — WP Humans.txt 4.8 -2022-10-25
CVE-2022-39350 @dependencytrack/frontend vulnerable to Persistent Cross-Site-Scripting via Vulnerability Details — frontend 5.4 Medium2022-10-25
CVE-2022-40311 WordPress Analytics Cat plugin <= 1.0.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Analytics Cat – Google Analytics Made Easy (WordPress plugin) 4.8 Medium2022-10-21
CVE-2022-41638 WordPress Pop-Up Chop Chop plugin <= 2.1.7 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — Pop-Up Chop Chop (WordPress plugin) 5.4 Medium2022-10-21
CVE-2022-3608 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq — thorsten/phpmyfaq 5.4 -2022-10-19
CVE-2022-42466 XSS vulnerability, eg for String properties. — Apache Isis 6.1 -2022-10-19
CVE-2022-22242 Junos OS: Cross-site Scripting (XSS) vulnerability in J-Web — Junos OS 6.1 Medium2022-10-18
CVE-2022-22229 Paragon Active Assurance (Formerly Netrounds): Stored Cross-site Scripting (XSS) vulnerability in web administration — Paragon Active Assurance (Formerly Netrounds) 8.4 High2022-10-18
CVE-2022-31037 OroCommerce vulnerable to Cross-site Scripting via Shipping rule editing page — orocommerce 6.9 Medium2022-10-18
CVE-2022-3339 Reflected XSS in Trellix ePO server — Trellix ePolicy Orchestrator (ePO) 5.4 Medium2022-10-18
CVE-2022-26375 WordPress AB Press Optimizer plugin <= 1.1.1 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — AB Press Optimizer (WordPress plugin) 4.8 Medium2022-10-17

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21535 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.