CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21534

21534 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-2709	Float to Top Button <= 2.3.6 - Admin+ Stored Cross-Site Scripting — Float to Top Button	4.8	-	2022-09-19
CVE-2022-2567	Form Builder CP < 1.2.32 - Admin+ Stored Cross-Site Scripting — Form Builder CP	4.8	-	2022-09-19
CVE-2022-3231	Cross-site Scripting (XSS) - Stored in librenms/librenms — librenms/librenms	5.4	-	2022-09-17
CVE-2022-35664	AEM Reflected XSS Arbitrary code execution — Experience Manager	5.4	Medium	2022-09-16
CVE-2022-30681	AEM Reflected XSS Arbitrary code execution — Experience Manager	5.4	-	2022-09-16
CVE-2022-30684	AEM Reflected XSS Arbitrary code execution — Experience Manager	5.4	Medium	2022-09-16
CVE-2022-34218	AEM Reflected XSS Arbitrary code execution — Experience Manager	5.4	Medium	2022-09-16
CVE-2022-30686	AEM Reflected XSS Arbitrary code execution — Experience Manager	5.4	Medium	2022-09-16
CVE-2022-30682	AEM Reflected XSS Arbitrary code execution — Experience Manager	5.4	Medium	2022-09-16
CVE-2022-30680	AEM Reflected XSS Arbitrary code execution — Experience Manager	5.4	-	2022-09-16
CVE-2022-30685	AEM Reflected XSS Arbitrary code execution — Experience Manager	5.4	Medium	2022-09-16
CVE-2022-30678	AEM Reflected XSS Arbitrary code execution — Experience Manager	5.4	-	2022-09-16
CVE-2022-30677	AEM Reflected XSS Arbitrary code execution — Experience Manager	5.4	-	2022-09-16
CVE-2022-3223	Cross-site Scripting (XSS) - Stored in jgraph/drawio — jgraph/drawio	5.4	-	2022-09-16
CVE-2022-2887	WP Server Health Stats < 1.7.0 - Admin+ Stored Cross-Site Scripting — WP Server Health Stats	4.8	-	2022-09-16
CVE-2022-2799	Affiliates Manager < 2.9.14 - Admin+ Stored Cross-Site Scripting — Affiliates Manager	4.8	-	2022-09-16
CVE-2022-2737	WP STAGING < 2.9.18 - Admin+ Stored Cross-Site Scripting — WP STAGING – Backup Duplicator & Migration	4.8	-	2022-09-16
CVE-2022-2669	WP Taxonomy Import <= 1.0.4 - Reflected Cross-Site Scripting — WP Taxonomy Import	6.1	-	2022-09-16
CVE-2022-2654	Classima < 2.1.11 - Reflected Cross-Site Scripting — Classified Listing – Classified ads & Business Directory Plugin	6.1	-	2022-09-16
CVE-2022-2655	Classified Listing Pro < 2.0.20 - Reflected Cross-Site Scripting — Classified Listing Pro - Classified ads & Business Directory Plugin	6.1	-	2022-09-16
CVE-2022-2635	Autoptimize < 3.1.1 - Admin+ Stored Cross Site Scripting — Autoptimize	4.8	-	2022-09-16
CVE-2022-2575	WBW Currency Switcher for WooCommerce < 1.6.6 - Admin+ Stored XSS — WBW Currency Switcher for WooCommerce	4.8	-	2022-09-16
CVE-2022-2351	Post SMTP < 2.1.4 - Admin+ Stored Cross-Site Scripting — Post SMTP Mailer/Email Log	4.8	-	2022-09-16
CVE-2022-27561	HCL Traveler is susceptible to a Reflected Cross-Site Scripting vulnerability in the web admin (LotusTraveler.nsf) — HCL Traveler	7.5	High	2022-09-15
CVE-2022-3211	Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore	5.4	-	2022-09-15
CVE-2022-31187	Stored Cross Site Scripting (XSS) through global search in GLPI — glpi	6.8	Medium	2022-09-14
CVE-2022-35945	Cross site scripting (XSS) via registration API in GLPI — glpi	6.3	Medium	2022-09-14
CVE-2022-40626	Reflected XSS in the backurl parameter of Zabbix Frontend — Frontend	4.8	Medium	2022-09-14
CVE-2022-3205	Controller: cross site scripting in automation controller ui — Red Hat Ansible Automation Platform 1.2	4.6	Medium	2022-09-13
CVE-2022-39207	Persistent XSS in OneDev — onedev	5.4	Medium	2022-09-13

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21534 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21534