CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21530

21530 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-29927	JetBrains TeamCity 跨站脚本漏洞 — TeamCity	4.6	Medium	2022-05-12
CVE-2022-1682	Reflected Xss using url based payload in neorazorx/facturascripts — neorazorx/facturascripts	6.1	-	2022-05-12
CVE-2022-29610	SAP NetWeaver Application Server 跨站脚本漏洞 — SAP NetWeaver Application Server ABAP	5.4	-	2022-05-11
CVE-2022-27656	SAP Web Dispatcher 跨站脚本漏洞 — SAP NetWeaver AS for ABAP and Java (ICM Administration UI)	6.1	-	2022-05-11
CVE-2022-30278	Black Duck Hub 跨站脚本漏洞 — Black Duck Hub	6.1	-	2022-05-10
CVE-2022-1567	WP JS <= 2.0.6 - Reflected Cross-Site Scripting — WP JS	6.1	Medium	2022-05-10
CVE-2022-29882	Siemens SICAM 跨站脚本漏洞 — SICAM T	7.1	High	2022-05-10
CVE-2022-29880	Siemens SICAM 跨站脚本漏洞 — SICAM T	6.5	Medium	2022-05-10
CVE-2022-29876	Siemens SICAM 跨站脚本漏洞 — SICAM T	7.1	High	2022-05-10
CVE-2022-1338	Easily Generate Rest API Url <= 1.0.0 - Admin+ Stored Cross-Site Scripting — Easily Generate Rest API Url	4.8	-	2022-05-09
CVE-2022-1303	Slide Anything < 2.3.44 - Editor+ Stored Cross-Site Scripting — Slide Anything – Responsive Content / HTML Slider and Carousel	4.8	-	2022-05-09
CVE-2022-1171	Vertical scroll recent post < 14.0 - Reflected Cross-Site Scripting — Vertical scroll recent post	6.1	-	2022-05-09
CVE-2022-1104	Popup Maker < 1.16.5 - Admin+ Stored Cross-Site Scripting — Popup Maker – Popup for opt-ins, lead gen, & more	4.8	-	2022-05-09
CVE-2022-1047	Themify - Post Type Builder Search Addon < 1.4.0 - Reflected Cross-Site Scripting — themify-ptb-search	6.1	-	2022-05-09
CVE-2022-0898	IgniteUp <= 3.4.1 - Admin+ Stored Cross-Site Scripting — IgniteUp – Coming Soon and Maintenance Mode	5.4	-	2022-05-09
CVE-2022-0874	WP Social Buttons <= 2.1 - Admin+ Stored Cross-Site Scripting — WP Social Buttons	4.8	-	2022-05-09
CVE-2022-0625	Admin Menu Editor <= 1.0.4 - Reflected Cross-Site Scripting — Admin Menu Editor	6.1	-	2022-05-09
CVE-2022-29422	WordPress Countdown & Clock plugin <= 2.3.2 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities — Countdown & Clock (WordPress plugin)	4.8	Medium	2022-05-06
CVE-2022-29421	WordPress Countdown & Clock plugin <= 2.3.2 - Reflected Cross-Site Scripting (XSS) vulnerability — Countdown & Clock (WordPress plugin)	4.7	Medium	2022-05-06
CVE-2022-29420	WordPress Countdown & Clock plugin <= 2.3.2 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — Countdown & Clock (WordPress plugin)	5.9	Medium	2022-05-06
CVE-2021-36912	Andrea Pernici News Sitemap for Google plugin <= 1.0.16 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Andrea Pernici News Sitemap for Google (WordPress plugin)	5.4	Medium	2022-05-06
CVE-2022-27183	Reflected XSS in a query parameter of the Monitoring Console — Splunk Enterprise	8.8	High	2022-05-06
CVE-2022-24899	Cross site scripting via canonical tag — contao	7.2	High	2022-05-05
CVE-2022-29172	HTML injection with additional signup fields — lock	6.1	Medium	2022-05-05
CVE-2021-44053	Reflected XSS — QTS	5.7	Medium	2022-05-05
CVE-2022-28716	F5 BIG-IP 跨站脚本漏洞 — BIG-IP	7.5	High	2022-05-05
CVE-2022-28707	F5 BIG-IP 跨站脚本漏洞 — BIG-IP	8.0	High	2022-05-05
CVE-2022-27880	F5 Traffix SDC 跨站脚本漏洞 — Traffix SDC	4.8	Medium	2022-05-05
CVE-2022-27878	F5 BIG-IP 多款产品跨站脚本漏洞 — BIG-IP	6.8	Medium	2022-05-05
CVE-2022-27230	F5 BIG-IP APM 跨站脚本漏洞 — BIG-IP APM	7.5	High	2022-05-05

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21530 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21530