Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21530

21530 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-1464 Stored xss bug in gogs/gogs — gogs/gogs 5.4 -2022-05-05
CVE-2022-1590 Bludit New Content Module new-content cross site scripting — Bludit 3.5 Low2022-05-05
CVE-2022-1584 Reflected XSS in microweber/microweber — microweber/microweber 6.1 -2022-05-04
CVE-2022-25784 User controllable HTML element attribute (potential XSS) — SiteManager 9.1 Critical2022-05-04
CVE-2022-25781 Reflected XSS issues in GateManager — GateManager 4.2 Medium2022-05-04
CVE-2022-1571 Cross-site scripting - Reflected in Create Subaccount in neorazorx/facturascripts — neorazorx/facturascripts 6.1 -2022-05-04
CVE-2022-1555 DOM XSS in microweber ver 1.2.15 in microweber/microweber — microweber/microweber 6.1 -2022-05-04
CVE-2022-20627 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities — Cisco Firepower Management Center 5.4 Medium2022-05-03
CVE-2022-20628 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities — Cisco Firepower Management Center 5.4 Medium2022-05-03
CVE-2022-20629 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities — Cisco Firepower Management Center 5.4 Medium2022-05-03
CVE-2021-36844 WordPress WP Subscribe plugin <= 1.2.12 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — WP Subscribe (WordPress plugin) 3.4 Low2022-05-02
CVE-2021-41810 Script injection in M-Files Admin — M-Files Server 5.2 Medium2022-05-02
CVE-2022-26325 Cross Site Scripting vulnerability in NetIQ Access Manager versions prior to version 5.0.2 — NetIQ Access Manager 2.9 Low2022-05-02
CVE-2022-1282 Photo Gallery < 1.6.3 - Reflected Cross-Site Scripting — Photo Gallery by 10Web – Mobile-Friendly Image Gallery 6.1 -2022-05-02
CVE-2022-1269 Fast Flow < 1.2.12 - Reflected Cross-Site Scripting — Fast Flow 6.1 -2022-05-02
CVE-2022-1255 Import and export users and customers < 1.19.2.1 - Admin+ Stored Cross-Site Scripting — Import and export users and customers 4.8 -2022-05-02
CVE-2022-1250 LifterLMS PayPal < 1.4.0 - Reflected Cross-Site Scripting — LifterLMS Paypal 6.1 -2022-05-02
CVE-2022-1046 Visual Form Builder < 3.0.7 - Admin+ Stored Cross-Site Scripting — Visual Form Builder 4.8 -2022-05-02
CVE-2022-0662 Adrotate < 5.8.23 - Admin+ XSS via Advert Name — AdRotate – Ad manager & AdSense Ads 4.8 -2022-05-02
CVE-2022-0649 Adrotate < 5.8.23 - Admin+ XSS via Group Name — AdRotate – Ad manager & AdSense Ads 4.8 -2022-05-02
CVE-2022-0428 Content Egg < 5.3.0 - Reflected Cross-Site Scripting — Content Egg 6.1 -2022-05-02
CVE-2022-0418 Event List < 0.8.8 - Admin+ Stored Cross-Site Scripting — Event List 4.8 -2022-05-02
CVE-2021-25102 All In One WP Security < 4.4.11 - Authenticated Reflected Cross-Site Scripting — All In One WP Security & Firewall 6.1 -2022-05-02
CVE-2021-25086 Advanced Page Visit Counter < 6.1.2 - Unauthenticated Stored Cross-Site Scripting — Advanced Page Visit Counter – Advanced WordPress Visit Counter 6.1 -2022-05-02
CVE-2022-23065 Vendure - XSS via SVG File Upload — vendure 5.4 Medium2022-05-02
CVE-2022-23060 Shopizer - Stored XSS in Manage Files — Shopizer 4.8 Medium2022-05-01
CVE-2022-1536 automad Dashboard cross site scripting — automad 3.5 Low2022-04-29
CVE-2022-1530 Cross-site Scripting (XSS) in livehelperchat/livehelperchat — livehelperchat/livehelperchat 5.4 -2022-04-29
CVE-2022-1526 Emlog Pro POST Parameter cross site scripting — Emlog Pro 3.5 Low2022-04-29
CVE-2022-1514 Stored XSS via upload plugin functionality in zip format in neorazorx/facturascripts — neorazorx/facturascripts 5.4 -2022-04-28

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21530 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.