Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21532

21532 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-34857 WordPress SP Project & Document Manager plugin <= 4.59 - Reflected Cross-Site Scripting (XSS) vulnerability — SP Project & Document Manager (WordPress plugin) 6.1 Medium2022-08-22
CVE-2022-35655 Pegasystem PEGA Platform 跨站脚本漏洞 — Pega Infinity 6.1 -2022-08-22
CVE-2022-35654 Pegasystem PEGA Platform 跨站脚本漏洞 — Pega Infinity 6.1 -2022-08-22
CVE-2021-36857 WordPress Testimonial Builder plugin <= 1.6.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Testimonial (WordPress plugin) 4.8 Medium2022-08-22
CVE-2021-36847 WordPress Webba Booking plugin <= 4.2.21 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Webba Booking (WordPress plugin) 4.8 Medium2022-08-22
CVE-2022-2890 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrm 5.4 -2022-08-22
CVE-2022-2932 Cross-site Scripting (XSS) - Reflected in bustle/mobiledoc-kit — bustle/mobiledoc-kit 6.1 -2022-08-22
CVE-2022-1340 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrm 5.4 -2022-08-22
CVE-2022-2885 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrm 5.4 -2022-08-21
CVE-2022-0542 Cross-site Scripting (XSS) - DOM in chatwoot/chatwoot — chatwoot/chatwoot 6.1 -2022-08-19
CVE-2021-32862 nbconvert vulnerable to cross-site scripting (XSS) via multiple exploit paths — nbconvert 7.5 High2022-08-18
CVE-2022-2871 Cross-site Scripting (XSS) - Stored in notrinos/notrinoserp — notrinos/notrinoserp 5.4 -2022-08-17
CVE-2022-34257 Adobe Commerce Stored XSS Arbitrary code execution — Magento Commerce 6.1 Medium2022-08-16
CVE-2022-34258 Adobe Commerce Stored XSS Arbitrary code execution — Magento Commerce 4.8 Medium2022-08-16
CVE-2020-14320 Moodle 跨站脚本漏洞 — Moodle 4.8 -2022-08-16
CVE-2022-2844 MotoPress Timetable and Event Schedule Calendar cross site scripting — Timetable and Event Schedule 3.5 Low2022-08-16
CVE-2022-2843 MotoPress Timetable and Event Schedule Quick Edit admin-ajax.php cross site scripting — Timetable and Event Schedule 3.5 Low2022-08-16
CVE-2022-38189 There is a stored cross-site scripting (XSS) vulnerability in ArcGIS API for JavaScript. — Portal for ArcGIS 5.4 Medium2022-08-16
CVE-2022-38192 There is a stored cross-site scripting (XSS) vulnerability in ArcGIS API for JavaScript. — Portal for ArcGIS 6.1 Medium2022-08-16
CVE-2022-36311 Airspan AirVelocity 1500 跨站脚本漏洞 — AirVelocity 6.1 -2022-08-16
CVE-2022-38188 Esri Portal For ArcGis 跨站脚本漏洞 — Portal for ArcGIS 6.1 -2022-08-15
CVE-2022-38190 Stored cross-site scripting vulnerability in Esri Portal for ArcGIS Configurable Apps — Portal for ArcGIS 6.1 Medium2022-08-15
CVE-2022-38186 Esri Portal For ArcGis 跨站脚本漏洞 — Portal for ArcGIS 6.1 -2022-08-15
CVE-2022-2384 Digital Publications by Supsystic < 1.7.4 - Admin+ Stored Cross-Site Scripting — Digital Publications by Supsystic 4.8 -2022-08-15
CVE-2022-2378 Easy Student Results <= 2.2.8 - Reflected Cross-Site Scripting — Easy Student Results 6.1 -2022-08-15
CVE-2022-2152 Duplicate Page and Post Plugin < 2.8 - Admin+ Stored Cross-Site Scripting — Duplicate Page and Post 4.8 -2022-08-15
CVE-2022-2116 Elementor Contact Form DB < 1.8.0 - Reflected Cross-Site Scripting — Contact Form DB – Elementor 6.1 -2022-08-15
CVE-2022-2814 SourceCodester Simple and Nice Shopping Cart Script login.php cross site scripting — Simple and Nice Shopping Cart Script 3.5 Low2022-08-15
CVE-2022-2811 SourceCodester Guest Management System myform.php cross site scripting — Guest Management System 3.5 Low2022-08-14
CVE-2022-2773 SourceCodester Apartment Visitor Management System profile.php cross site scripting — Apartment Visitor Management System 3.5 Low2022-08-11

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.