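CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) — Vulnerability Class 21535

21535 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')). AI Chinese analysis included.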

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-2563 | Tutor LMS < 2.0.10 - Admin+ Stored Cross-Site Scripting — Tutor LMS – eLearning and online course solution | 4.8 | - | 2022-10-17 |
| CVE-2022-2574 | Meks Easy Social Share < 1.2.8 - Admin+ Stored Cross-Site Scripting — Meks Easy Social Share | 4.8 | - | 2022-10-17 |
| CVE-2022-3139 | We’re Open! < 1.42 - Admin+ Stored Cross-Site Scripting — We’re Open! | 4.8 | - | 2022-10-17 |
| CVE-2022-35698 | Adobe Commerce Stored XSS Arbitrary code execution — Magento Commerce | 10.0 | Critical | 2022-10-14 |
| CVE-2022-3506 | Cross-site Scripting (XSS) - Stored in barrykooij/related-posts-for-wp — barrykooij/related-posts-for-wp | 5.4 | - | 2022-10-14 |
| CVE-2021-36899 | WordPress Asset CleanUp: Page Speed Booster plugin <= 1.3.8.4 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability — Asset CleanUp: Page Speed Booster (WordPress plugin) | 4.8 | Medium | 2022-10-11 |
| CVE-2022-33978 | WordPress FontMeister plugin <= 1.08 - Reflected Cross-Site Scripting (XSS) vulnerability — FontMeister (WordPress plugin) | 6.1 | Medium | 2022-10-11 |
| CVE-2022-32174 | Gogs - XSS — gogs | 7.6 | - | 2022-10-11 |
| CVE-2022-35226 | SAP Data Services Management Cross-Site Scripting Vulnerability — SAP Data Services Management Console | 6.1 | - | 2022-10-11 |
| CVE-2022-35297 | SAP Enable Now Cross-Site Scripting Vulnerability — SAP Enable Now | 5.4 | - | 2022-10-11 |
| CVE-2022-39800 | SAP BusinessObjects BI LaunchPad Cross-Site Scripting Vulnerability — SAP BusinessObjects Business Intelligence Platform (BI LaunchPad) | 6.1 | - | 2022-10-11 |
| CVE-2022-40178 | Multiple Siemens Products Cross-Site Scripting Vulnerability — Desigo PXM30-1 | 7.3 | - | 2022-10-11 |
| CVE-2022-40631 | Siemens Scalance X-200 Cross-Site Scripting Vulnerability — SCALANCE X200-4P IRT | 10.0 | - | 2022-10-11 |
| CVE-2022-41206 | SAP BusinessObjects Business Intelligence Platform Cross-Site Scripting Vulnerability — SAP BusinessObjects Business Intelligence platform (Analysis for OLAP) | 5.4 | - | 2022-10-11 |
| CVE-2021-25044 | Cryptocurrency Pricing list and Ticker <= 1.5 - Reflected Cross-Site Scripting — Cryptocurrency Pricing list and Ticker | 6.1 | - | 2022-10-10 |
| CVE-2022-2448 | reSmush.it Image Optimizer < 0.4.6 - Admin+ Cross-Site Scripting — reSmush.it : the only free Image Optimizer & compress plugin | 4.8 | - | 2022-10-10 |
| CVE-2022-2629 | Top Bar < 3.0.4 - Admin+ Stored Cross-Site Scripting — Top Bar | 4.8 | - | 2022-10-10 |
| CVE-2022-2823 | Slider, Gallery, and Carousel by MetaSlider < 3.27.9 - Admin+ Stored Cross Site Scripting — Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Plugin | 4.8 | - | 2022-10-10 |
| CVE-2022-3136 | Social Rocket < 1.3.3 - Admin+ Stored Cross-Site Scripting — Social Rocket – Social Sharing Plugin | 4.8 | - | 2022-10-10 |
| CVE-2022-3137 | TaskBuilder < 1.0.8 - Subscriber+ Stored XSS via SVG file upload — Taskbuilder – WordPress Project & Task Management plugin | 5.4 | - | 2022-10-10 |
| CVE-2022-3207 | Simple File List < 4.4.12 - Admin+ Stored Cross-Site Scripting — Simple File List | 4.8 | - | 2022-10-10 |
| CVE-2022-3209 | Soledad < 8.2.5 - Reflected Cross-site Scripting — soledad | 6.1 | - | 2022-10-10 |
| CVE-2022-3220 | Advanced Comment Form < 1.2.1 - Admin+ Authenticated Stored XSS — Advanced Comment Form | 4.8 | - | 2022-10-10 |
| CVE-2020-15855 | Bodhi Cross-Site Scripting Vulnerability — bodhi | 6.1 | - | 2022-10-07 |
| CVE-2022-39285 | Stored Cross-Site Scripting Vulnerability In File Parameter in zoneminder — zoneminder | 7.6 | High | 2022-10-07 |
| CVE-2022-32171 | Zinc - Stored XSS — zinc | 5.4 | - | 2022-10-06 |
| CVE-2022-32172 | Zinc - Cross-Site Scripting — zinc | 5.4 | - | 2022-10-06 |
| CVE-2022-3002 | Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrm | 5.4 | - | 2022-10-06 |
| CVE-2022-39270 | Arbitrary HTML injection in table-of-contents theme component in DiscoTOC — DiscoTOC | 5.4 | Medium | 2022-10-06 |
| CVE-2022-39279 | Discourse-chat plugin susceptible to XSS in channel name and description — discourse-chat | 4.3 | Medium | 2022-10-06 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) represent 21535 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.