CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21531

21531 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-32209	Rails 跨站脚本漏洞 — https://github.com/rails/rails-html-sanitizer	6.1	-	2022-06-24
CVE-2022-34305	XSS in examples web application — Apache Tomcat	6.1	-	2022-06-23
CVE-2022-32159	Openlibrary - Stored XSS — infogami	5.4	-	2022-06-22
CVE-2022-23081	Openlibrary - Reflected XSS — openlibrary	6.1	-	2022-06-22
CVE-2021-26636	Maxboard Remote Code Execution — MaxBoard	8.8	High	2022-06-22
CVE-2022-2174	Cross-site Scripting (XSS) - Reflected in microweber/microweber — microweber/microweber	6.1	-	2022-06-22
CVE-2022-23077	Habitica - DOM XSS in login page — habitica	6.1	-	2022-06-22
CVE-2022-23058	ERPNext - Stored XSS in My Settings — frappe	5.4	-	2022-06-22
CVE-2022-23056	ERPNext - Stored XSS leads to account takover — erpnext	5.4	-	2022-06-22
CVE-2022-23057	ERPNext - Stored XSS in My Profile — frappe	5.4	-	2022-06-22
CVE-2022-23074	Recipes - Stored XSS in Name Parameter — recipes	5.4	-	2022-06-21
CVE-2022-23073	Recipes - Stored XSS in Clipboard — recipes	5.4	-	2022-06-21
CVE-2022-23072	Recipes - Stored XSS in Add to Cart — recipes	5.4	-	2022-06-21
CVE-2022-1945	Coming Soon and Maintenance by Colorlib < 1.0.99 - Admin+ Stored Cross Site Scripting — Coming Soon & Maintenance Mode by Colorlib	4.8	-	2022-06-20
CVE-2022-1915	WP Zillow Review Slider < 2.4 - Admin+ Stored Cross-Site Scripting — WP Zillow Review Slider	4.8	-	2022-06-20
CVE-2022-1896	underConstruction < 1.21 - Admin+ Stored Cross-Site Scripting — underConstruction	4.8	-	2022-06-20
CVE-2022-1889	Newsletter < 7.4.6 - Admin+ Stored Cross-Site Scripting — Newsletter – Send awesome emails from WordPress	4.8	-	2022-06-20
CVE-2022-1717	Custom Share Buttons with Floating Sidebar < 4.2 - Admin+ Stored XSS — Custom Share Buttons with Floating Sidebar	4.8	-	2022-06-20
CVE-2022-1266	Post Grid, Slider & Carousel Ultimate < 1.5.0 - Admin+ Stored XSS — Post Grid, Slider & Carousel Ultimate	4.8	-	2022-06-20
CVE-2022-0663	Print, PDF, Email by PrintFriendly < 5.2.3 - Admin+ Stored Cross-Site Scripting — Print, PDF, Email by PrintFriendly	4.8	-	2022-06-20
CVE-2021-25104	Ocean Extra < 1.9.5 - Reflected Cross-Site Scripting — Ocean Extra	6.1	-	2022-06-20
CVE-2021-25088	Google XML Sitemaps < 4.1.3 - Admin+ Stored Cross-Site Scripting — XML Sitemaps	4.8	-	2022-06-20
CVE-2022-2130	Cross-site Scripting (XSS) - Reflected in microweber/microweber — microweber/microweber	6.1	-	2022-06-20
CVE-2022-25772	Mautic 跨站脚本漏洞 — Mautic	9.6	Critical	2022-06-20
CVE-2022-2113	Cross-site Scripting (XSS) - Stored in inventree/inventree — inventree/inventree	5.4	-	2022-06-17
CVE-2021-36827	WordPress Ninja Forms Contact Form plugin <= 3.6.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Ninja Forms Contact Form (WordPress plugin)	4.8	Medium	2022-06-16
CVE-2022-21938	Metasys MUI Graphics XSS — Metasys ADS/ADX/OAS server	8.1	High	2022-06-15
CVE-2022-32280	WordPress XO Slider plugin <= 3.3.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — XO Slider (WordPress plugin)	5.4	Medium	2022-06-15
CVE-2022-29452	WordPress Export All URLs plugin <= 4.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Export All URLs (WordPress plugin)	3.4	Low	2022-06-15
CVE-2022-21937	Metasys CSS — Metasys ADS/ADX/OAS server	8.7	High	2022-06-15

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21531