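CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) — Vulnerability Class 21532

21532 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')). AI Chinese analysis included.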

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2022-2515 | Simple Banner <= 2.11.0 - Authenticated Stored Cross-Site Scripting — Simple Banner – Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website | 6.4 | Medium | 2022-09-06 |
| CVE-2022-2516 | Visual Composer Website Builder <= 45.0 - Authenticated Stored Cross-Site Scripting via 'Title' — Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages | 6.4 | Medium | 2022-09-06 |
| CVE-2022-2517 | Beaver Builder – WordPress Page Builder <= 2.5.5.2 - Authenticated Stored Cross-Site Scripting via Caption - On Hover — Beaver Builder – WordPress Page Builder | 6.4 | Medium | 2022-09-06 |
| CVE-2022-2430 | Visual Composer Website Builder <= 45.0 - Authenticated Stored Cross-Site Scripting via 'Text Block' — Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages | 6.4 | Medium | 2022-09-06 |
| CVE-2022-1628 | Simple SEO <= 1.7.91 - Authenticated (Contributor+) Stored Cross-Site Scripting — Simple SEO | 6.4 | Medium | 2022-09-06 |
| CVE-2022-34656 | WordPress Poll, Survey, Questionnaire and Voting system plugin <= 1.7.4 - Authenticated Cross-Site Scripting (XSS) vulnerability — Poll, Survey, Questionnaire and Voting system (WordPress plugin) | 4.8 | Medium | 2022-09-06 |
| CVE-2021-36829 | WordPress Launcher: Coming Soon & Maintenance Mode plugin <= 1.0.11 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Launcher: Coming Soon & Maintenance Mode (WordPress plugin) | 4.8 | Medium | 2022-09-06 |
| CVE-2022-3127 | Cross-site Scripting (XSS) - Stored in jgraph/drawio — jgraph/drawio | 5.4 | - | 2022-09-05 |
| CVE-2022-2775 | Fast Flow < 1.2.13 - Admin+ Stored Cross-Site Scripting — Fast Flow | 4.8 | - | 2022-09-05 |
| CVE-2022-2565 | Best Payments Plugin for WP < 4.2.1 - Unauthenticated Stored Cross-Site Scripting — Simple Payment Donations & Subscriptions Plugin by Paymattic – Best Payments Plugin for WP | 6.1 | - | 2022-09-05 |
| CVE-2022-2271 | WP Database Backup < 5.9 - Admin+ Stored Cross-Site Scripting — WP Database Backup | 4.8 | - | 2022-09-05 |
| CVE-2022-3123 | Cross-site Scripting (XSS) - Reflected in splitbrain/dokuwiki — splitbrain/dokuwiki | 6.1 | - | 2022-09-05 |
| CVE-2022-39050 | Possible XSS stored in customer information — OTRS | 4.6 | Medium | 2022-09-05 |
| CVE-2022-39049 | Possible XSS in Admin Interface — OTRS | 3.5 | Low | 2022-09-05 |
| CVE-2022-35933 | PrestaShop module Product Comments vulnerable to cross-site scripting (XSS) — productcomments | 7.2 | - | 2022-09-02 |
| CVE-2022-25370 | Unauth Stored XSS vulnerability in the Birt plugin of Apache OFBiz — Apache OFBiz | 5.4 | - | 2022-09-02 |
| CVE-2022-2256 | Red Hat Keycloak cross-site scripting vulnerability — keycloak | 3.8 | - | 2022-09-01 |
| CVE-2022-36355 | WordPress Easy Org Chart plugin <= 3.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Easy Org Chart (WordPress plugin) | 5.4 | Medium | 2022-09-01 |
| CVE-2022-3072 | Cross-site Scripting (XSS) - Stored in francoisjacquet/rosariosis — francoisjacquet/rosariosis | 5.4 | - | 2022-09-01 |
| CVE-2022-33935 | Dell EMC Data Protection Advisor cross-site scripting vulnerability — Data Protection Advisor | 5.4 | Medium | 2022-08-30 |
| CVE-2022-3035 | Cross-site Scripting (XSS) - Stored in snipe/snipe-it — snipe/snipe-it | 5.4 | - | 2022-08-29 |
| CVE-2022-36037 | Cross-site scripting (XSS) from dynamic options in the multiselect field in Kirby — kirby | 5.9 | Medium | 2022-08-29 |
| CVE-2022-2599 | Anti-Malware Security and Brute-Force Firewall < 4.21.83 - Reflected Cross-Site Scripting — Anti-Malware Security and Brute-Force Firewall | 6.1 | - | 2022-08-29 |
| CVE-2022-2374 | Simply Schedule Appointments < 1.5.7.7 - Admin+ Stored Cross-Site Scripting — Simply Schedule Appointments – WordPress Booking Plugin | 4.8 | - | 2022-08-29 |
| CVE-2022-2537 | WooCommerce PDF Invoices & Packing Slips < 3.0.1 - Reflected Cross-Site Scripting — WooCommerce PDF Invoices & Packing Slips | 6.1 | - | 2022-08-29 |
| CVE-2022-2538 | WP Hide & Security Enhancer < 1.8 - Reflected Cross-Site Scripting — WP Hide & Security Enhancer | 6.1 | - | 2022-08-29 |
| CVE-2022-27546 | HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability — HCL iNotes | 8.3 | High | 2022-08-29 |
| CVE-2022-3015 | oretnom23 Fast Food Ordering System cross site scripting — Fast Food Ordering System | 3.5 | Low | 2022-08-27 |
| CVE-2022-3014 | SourceCodester Simple Task Managing System cross site scripting — Simple Task Managing System | 3.5 | Low | 2022-08-27 |
| CVE-2022-0225 | Red Hat Keycloak cross-site scripting vulnerability — keycloak | 5.4 | - | 2022-08-26 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) represent 21532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.