
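CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) — Vulnerability Class 21534

21534 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')). AI Chinese analysis included.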

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-3128 | Donation Thermometer < 2.1.3 - Admin+ Stored Cross-Site Scripting — Donation Thermometer | 4.8 | - | 2022-10-03 |
| CVE-2022-2839 | Zephyr Project Manager < 3.2.55 - Unauthorised AJAX Calls To Stored XSS — Zephyr Project Manager | 6.1 | - | 2022-10-03 |
| CVE-2022-2763 | WP Socializer < 7.3 - Admin+ Stored Cross-Site Scripting — WP Socializer – Simple & Easy Social Media Share Icons | 4.8 | - | 2022-10-03 |
| CVE-2022-2628 | DSGVO All in one for WP < 4.2 - Admin+ Stored Cross-Site Scripting — DSGVO All in one for WP | 4.8 | - | 2022-10-03 |
| CVE-2022-32173 | OrchardCore - HTML Injection — OrchardCore | 5.4 | - | 2022-10-03 |
| CVE-2022-28851 | AEM Reflected XSS Arbitrary code execution — Experience Manager | 5.4 | Medium | 2022-09-30 |
| CVE-2021-36830 | WordPress Comment Guestbook plugin <= 0.8.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Comment Guestbook (WordPress plugin) | 4.8 | Medium | 2022-09-30 |
| CVE-2021-36839 | WordPress Social Media Follow Buttons Bar plugin <= 4.73 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Social Media Follow Buttons Bar (WordPress plugin) | 4.8 | Medium | 2022-09-30 |
| CVE-2022-3355 | Cross-site Scripting (XSS) - Stored in inventree/inventree — inventree/inventree | 5.4 | - | 2022-09-29 |
| CVE-2022-3193 | ovirt-engine cross-site scripting vulnerability — ovirt-engine | 6.1 | - | 2022-09-28 |
| CVE-2022-28816 | Reflected XSS in Carlo Gavazzi UWP 3.0 — UWP 3.0 Monitoring Gateway and Controller | 6.1 | Medium | 2022-09-28 |
| CVE-2022-39054 | COWELL INFORMATION SYSTEM CO., LTD. enterprise travel management system - Reflected XSS — enterprise travel management system | 6.1 | Medium | 2022-09-28 |
| CVE-2022-39053 | HEIMAVISTA INC. Rpage - Reflected XSS — Rpage | 6.1 | Medium | 2022-09-28 |
| CVE-2022-39035 | Smart eVision - Stored XSS — Smart eVision | 6.1 | Medium | 2022-09-28 |
| CVE-2022-3135 | SEO Smart Links <= 3.0.1 - Admin+ Stored Cross-Site Scripting — SEO Smart Links | 4.8 | - | 2022-09-26 |
| CVE-2022-3074 | Slider Hero < 8.4.4 - Admin+ Stored Cross-Site Scripting — Slider Hero with Animation, Video Background | 4.8 | - | 2022-09-26 |
| CVE-2022-3070 | Generate PDF using Contact Form 7 < 3.6 - Admin+ Stored Cross-Site Scripting — Generate PDF using Contact Form 7 | 4.8 | - | 2022-09-26 |
| CVE-2022-3062 | Simple File List < 4.4.12 - Reflected Cross-Site Scripting — Simple File List | 6.1 | - | 2022-09-26 |
| CVE-2022-3069 | Wordlift < 3.37.2 - Admin+ Stored Cross-Site Scripting — WordLift – AI powered SEO – Schema | 4.8 | - | 2022-09-26 |
| CVE-2022-3025 | Bitcoin / Altcoin Faucet <= 1.6.0 - Settings Update to Stored XSS via CSRF — Bitcoin / Altcoin Faucet | 5.4 | - | 2022-09-26 |
| CVE-2022-2404 | WP Popup Builder < 1.2.9 - Reflected Cross-Site Scripting — WP Popup Builder – Popup Forms , Marketing PoPuP & Newsletter | 6.1 | - | 2022-09-26 |
| CVE-2022-1755 | SVG Support < 2.5 - Author+ Stored Cross-Site Scripting — SVG Support | 5.4 | - | 2022-09-26 |
| CVE-2022-23461 | Cross-Site Scripting (XSS) in Jodit Editor — Jodit Editor | 5.4 | Medium | 2022-09-24 |
| CVE-2022-39240 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in MyGraph — MyGraph | 5.4 | Medium | 2022-09-24 |
| CVE-2022-35251 | Rocket.Chat cross-site scripting vulnerability — Rocket.chat | 5.4 | - | 2022-09-23 |
| CVE-2022-38439 | AEM Reflected XSS Arbitrary code execution — Experience Manager | 5.4 | Medium | 2022-09-23 |
| CVE-2022-38438 | AEM Reflected XSS Arbitrary code execution — Experience Manager | 5.4 | Medium | 2022-09-23 |
| CVE-2022-40215 | WordPress Tabs plugin <= 3.7.1 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities — Tabs (WordPress plugin) | 3.4 | Low | 2022-09-23 |
| CVE-2022-40672 | WordPress CPO Shortcodes plugin <= 1.5.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — CPO Shortcodes (WordPress plugin) | 4.8 | Medium | 2022-09-23 |
| CVE-2022-40195 | WordPress PCA Predict plugin <= 1.0.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — PCA Predict (WordPress plugin) | 4.8 | Medium | 2022-09-23 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) represent 21534 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.