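CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) — Vulnerability Class 21532

21532 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)). AI Chinese analysis included.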

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2021-3427 | Deluge Web-UI cross-site scripting vulnerability — Deluge-web | 6.1 | - | 2022-08-26 |
| CVE-2021-3914 | SmallRye cross-site scripting vulnerability — smallrye-health | 6.1 | - | 2022-08-25 |
| CVE-2022-37952 | WorkstationST - Reflected XSS in iHistorian Data Display Tags — WorkstationST | 4.7 | Medium | 2022-08-25 |
| CVE-2022-36405 | WordPress amCharts: Charts and Maps plugin <= 1.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — amCharts: Charts and Maps (WordPress plugin) | 5.4 | Medium | 2022-08-23 |
| CVE-2022-36347 | WordPress Alpine PhotoTile for Pinterest plugin <= 1.3.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Alpine PhotoTile for Pinterest (WordPress plugin) | 4.8 | Medium | 2022-08-23 |
| CVE-2022-36341 | WordPress AS – Create Pinterest Pinboard Pages plugin <= 1.0 - Authenticated plugin settings change leading to Stored Cross-Site Scripting (XSS) vulnerability — AS – Create Pinterest Pinboard Pages (WordPress plugin) | 5.4 | Medium | 2022-08-23 |
| CVE-2022-36282 | WordPress Search Exclude plugin <= 1.2.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Search Exclude (WordPress plugin) | 4.8 | Medium | 2022-08-23 |
| CVE-2022-34658 | WordPress Download Manager plugin <= 3.2.48 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities — Download Manager (WordPress plugin) | 5.4 | Medium | 2022-08-23 |
| CVE-2022-29476 | WordPress Notification Bar for WordPress plugin <= 1.1.8 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability — Notification Bar for WordPress | 6.1 | Medium | 2022-08-23 |
| CVE-2022-34648 | WordPress Uploading SVG, WEBP and ICO files plugin <= 1.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Uploading SVG, WEBP and ICO files (WordPress plugin) | 4.8 | Medium | 2022-08-23 |
| CVE-2022-2956 | ConsoleTVs Noxen users.php cross site scripting — Noxen | 3.5 | Low | 2022-08-23 |
| CVE-2022-2796 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore | 5.4 | - | 2022-08-23 |
| CVE-2022-2829 | Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrm | 5.4 | - | 2022-08-23 |
| CVE-2022-32772 | WWBN AVideo cross-site scripting vulnerability — AVideo | 6.1 | - | 2022-08-22 |
| CVE-2022-32771 | WWBN AVideo cross-site scripting vulnerability — AVideo | 6.1 | - | 2022-08-22 |
| CVE-2022-32770 | WWBN AVideo cross-site scripting vulnerability — AVideo | 6.1 | - | 2022-08-22 |
| CVE-2022-30690 | WWBN AVideo cross-site scripting vulnerability — AVideo | 6.1 | - | 2022-08-22 |
| CVE-2022-28712 | WWBN AVideo cross-site scripting vulnerability — AVideo | 8.8 | - | 2022-08-22 |
| CVE-2022-26842 | WWBN AVideo cross-site scripting vulnerability — AVideo | 8.8 | - | 2022-08-22 |
| CVE-2022-2532 | Feed Them Social < 3.0.1 - Reflected Cross-Site Scripting — Feed Them Social – for Twitter feed, Youtube and more | 6.1 | - | 2022-08-22 |
| CVE-2022-2407 | WP phpMyAdmin < 5.2.0.4 - Admin+ Stored Cross-Site Scripting — WP phpMyAdmin | 4.8 | - | 2022-08-22 |
| CVE-2022-2383 | Feed Them Social < 3.0.1 - Reflected Cross-Site Scripting — Feed Them Social – for Twitter feed, Youtube and more | 6.1 | - | 2022-08-22 |
| CVE-2022-2375 | WP Sticky Button < 1.4.1 - Unauthenticated Arbitrary Settings Update to Stored XSS — WP Sticky Button – Click to Chat | 6.1 | - | 2022-08-22 |
| CVE-2022-2362 | Download Manager < 3.2.50 - Bypass IP Address Blocking Restriction — Download Manager | 9.1 | - | 2022-08-22 |
| CVE-2022-2361 | Social Chat < 6.0.5 - Admin+ Stored Cross-Site Scripting — WP Social Chat – Click To Chat App | 4.8 | - | 2022-08-22 |
| CVE-2022-1932 | Rezgo Online Booking < 4.1.8 - Reflected Cross-Site-Scripting — Rezgo Online Booking | 6.1 | - | 2022-08-22 |
| CVE-2022-1322 | Coming Soon - Under Construction <= 1.1.9 - Admin+ Stored Cross-Site Scripting — Coming Soon – Under Construction | 4.8 | - | 2022-08-22 |
| CVE-2022-0446 | Simple Banner < 2.12.0 - Admin+ Stored Cross Site Scripting — Simple Banner | 4.8 | - | 2022-08-22 |
| CVE-2021-24911 | Transposh WordPress Translation < 1.0.8 - Stored Cross-Site Scripting — Transposh WordPress Translation | 5.4 | - | 2022-08-22 |
| CVE-2021-24910 | Transposh WordPress Translation < 1.0.8 - Reflected Cross-Site Scripting — Transposh WordPress Translation | 6.1 | - | 2022-08-22 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) represent 21532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.