Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21532

21532 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-44791 Reflected XSS on certain HTTP endpoints — Apache Druid 6.1 -2022-07-07
CVE-2022-31136 Cross-site Scripting in BookWyrm — bookwyrm 6.3 Medium2022-07-07
CVE-2022-31133 Cross site scripting in HumHub — humhub 5.9 Medium2022-07-07
CVE-2022-2342 Cross-site Scripting (XSS) - Stored in outline/outline — outline/outline 5.4 -2022-07-07
CVE-2022-20815 Cisco Unified Communications Products Cross-Site Scripting Vulnerability — Cisco Unified Communications Manager 6.1 Medium2022-07-06
CVE-2022-20800 Cisco Unified Communications Products Cross-Site Scripting Vulnerability — Cisco Unity Connection 6.1 Medium2022-07-06
CVE-2015-3172 EidoGo 跨站脚本漏洞 — EidoGo 6.1 -2022-07-06
CVE-2022-31127 Improper handling of email input in next-auth — next-auth 7.1 High2022-07-06
CVE-2022-23713 Vega 跨站脚本漏洞 — kibana 6.1 -2022-07-06
CVE-2022-35230 Reflected XSS in graphs page of Zabbix Frontend — Frontend 3.7 Low2022-07-06
CVE-2022-35229 Reflected XSS in discovery page of Zabbix Frontend — Frontend 3.7 Low2022-07-06
CVE-2022-32533 Apache Portals Jetspeed XSS, CSRF, SSRF, and XXE issues — Apache Portals 8.8 -2022-07-06
CVE-2021-45721 JFrog Artifactory 跨站脚本漏洞 — JFrog Artifactory 6.1 Medium2022-07-06
CVE-2022-34879 VICIDial 2.14b0.5 SVN 3550 was discovered to contain multiple Cross Site Scripting (XSS) vulnerabilities at /vicidial/admin.php. — VICIdial 6.5 Medium2022-07-05
CVE-2022-1946 Gallery < 2.0.0 - Reflected Cross-Site Scripting — Gallery – Image and Video Gallery with Thumbnails 6.1 -2022-07-04
CVE-2022-1301 WP Contact Slider < 2.4.7 - Editor+ Stored Cross-Site Scripting — WP Contact Slider 4.8 -2022-07-04
CVE-2022-0250 Redirection for Contact Form 7 < 2.5.0 - Reflected Cross-Site Scripting — Redirection for Contact Form 7 6.1 -2022-07-04
CVE-2021-25066 Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting via Import — Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress 4.8 -2022-07-04
CVE-2021-25056 Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting — Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress 4.8 -2022-07-04
CVE-2022-2300 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweber 4.8 -2022-07-04
CVE-2022-2290 Cross-site Scripting (XSS) - Reflected in zadam/trilium — zadam/trilium 6.1 -2022-07-03
CVE-2022-31113 Cross-Site Scripting in Canarytoken history — canarytokens 6.3 Medium2022-07-01
CVE-2022-2254 Distributed Data Systems WebHMI Cross-site Scripting — WebHMI 6.2 Medium2022-07-01
CVE-2014-3650 Red Hat JBoss AeroGear 跨站脚本漏洞 — Jboss Aerogear 5.4 -2022-07-01
CVE-2022-2280 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweber 4.8 -2022-07-01
CVE-2013-4170 Ember.js 跨站脚本漏洞 — ember-source 6.1 -2022-06-30
CVE-2022-31063 Cross site scripting via the title of a document in Tuleap — tuleap 6.5 Medium2022-06-29
CVE-2022-31094 Cross site scripting vulnerability in ScratchTools — ScratchTools 7.1 High2022-06-27
CVE-2022-31064 Cross site scripting in username that will trigger by sending chat — bigbluebutton 6.5 Medium2022-06-27
CVE-2022-31065 Cross site scripting vulnerability for private chat in bigbluebutton — bigbluebutton 6.5 Medium2022-06-27

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.