Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21532

21532 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-31057 Authenticated Stored XSS in Shopware Administration — shopware 6.5 Medium2022-06-27
CVE-2022-31035 External URLs for Deployments can include javascript in argo-cd — argo-cd 9.0 Critical2022-06-27
CVE-2022-28172 Hikvision Hybrid SAN/Cluster Storage 跨站脚本漏洞 — DS-A71024/48/72R,DS-A80624S,DS-A81016S,DS-A72024/72R,DS-A80316S,DS-A82024D 6.5 Medium2022-06-27
CVE-2022-2140 Elcomplus SmartICS Cross-site Scripting — SmartICS 8.8 High2022-06-27
CVE-2022-2218 Cross-site Scripting (XSS) - Stored in ionicabizau/parse-url — ionicabizau/parse-url 6.1 -2022-06-27
CVE-2022-2217 Cross-site Scripting (XSS) - Generic in ionicabizau/parse-url — ionicabizau/parse-url 6.1 -2022-06-27
CVE-2022-2041 Brizy Page Builder < 2.4.2 - Contributor+ Stored Cross-Site Scripting via Element Content — Brizy – Page Builder 5.4 -2022-06-27
CVE-2022-2040 Brizy Page Builder < 2.4.2 - Contributor+ Stored Cross-Site Scripting via Element URL — Brizy – Page Builder 5.4 -2022-06-27
CVE-2022-1995 miniOrange's Malware Scanner < 4.5.2 - Admin+ Stored Cross-Site Scripting — Malware Scanner 4.8 -2022-06-27
CVE-2022-1994 Google Authenticator < 1.0.8 - Admin+ Stored Cross-Site Scripting — Login With OTP Over SMS, Email, WhatsApp and Google Authenticator 4.8 -2022-06-27
CVE-2022-1990 Nested Pages < 3.1.21 - Admin+ Stored Cross Site Scripting — Nested Pages 4.8 -2022-06-27
CVE-2022-1971 NextCellent Gallery <= 1.9.35 - Admin+ Stored XSS — NextCellent Gallery – NextGEN Legacy 4.8 -2022-06-27
CVE-2022-1964 Easy SVG Support < 3.3.0 - Author+ Stored Cross Site Scripting via SVG — Easy SVG Support 5.4 -2022-06-27
CVE-2022-1916 Active Products Tables for WooCommerce < 1.0.5 - Reflected Cross-Site-Scripting — Active Products Tables for WooCommerce. Professional products tables for WooCommerce store 6.1 -2022-06-27
CVE-2022-1904 Easy Pricing Tables < 3.2.1 - Reflected Cross-Site-Scripting — Pricing Tables WordPress Plugin – Easy Pricing Tables 6.1 -2022-06-27
CVE-2022-1776 Icegram < 2.1.8 - Contributor+ Stored Cross-Site Scripting — Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram 5.4 -2022-06-27
CVE-2022-1593 Site Offline or Coming Soon <= 1.6.6 - Stored Cross-Site Scripting via CSRF — Site Offline or Coming Soon 6.1 -2022-06-27
CVE-2022-1470 Ultimate WooCommerce CSV Importer <= 2.0 - Reflected Cross-Site Scripting — Ultimate WooCommerce CSV Importer 6.1 -2022-06-27
CVE-2022-1327 Image Gallery - Grid Gallery < 1.1.6 - Admin+ Stored Cross-Site Scripting — Image Gallery – Grid Gallery 4.8 -2022-06-27
CVE-2022-1326 Form - Contact Form <= 1.2.0 - Admin+ Stored Cross-Site Scripting — Form – Contact Form 4.8 -2022-06-27
CVE-2022-1321 miniOrange's Google Authenticator < 5.5.6 - Admin+ Stored Cross-Site Scripting — miniOrange's Google Authenticator – WordPress Two Factor Authentication (2FA , Two Factor, OTP SMS and Email) | Passwordless login 4.8 -2022-06-27
CVE-2022-1095 Mihdan: No External Links < 5.0.2 - Admin+ Stored Cross-Site Scripting — Mihdan: No External Links 4.8 -2022-06-27
CVE-2022-1029 Limit Login Attempts < 4.0.72 - Admin+ Stored Cross-Site Scripting — Limit Login Attempts 4.8 -2022-06-27
CVE-2022-1028 WordPress Security < 4.2.1 - Admin+ Stored Cross-Site Scripting — WordPress Security – Firewall, Malware Scanner, Secure Login and Backup 4.8 -2022-06-27
CVE-2022-1010 Login using WordPress Users < 1.13.4 - Admin+ Stored Cross-Site Scripting — Login using WordPress Users ( WP as SAML IDP ) 4.8 -2022-06-27
CVE-2022-2213 SourceCodester Library Management System cross site scripting — Library Management System 3.5 Low2022-06-27
CVE-2022-29168 Cross Site Scripting in Wire Messages — wire-webapp 9.6 Critical2022-06-25
CVE-2022-29096 Dell Wyse Management Suite 跨站脚本漏洞 — Wyse Management Suite 6.1 Medium2022-06-24
CVE-2022-30118 PortlandLabs Concrete CMS 跨站脚本漏洞 — https://github.com/concrete5/concrete5 6.1 -2022-06-24
CVE-2022-30120 PortlandLabs Concrete CMS 跨站脚本漏洞 — https://github.com/concrete5/concrete5 6.1 -2022-06-24

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.