CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) — Vulnerability Class 21530

21530 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2022-0737 | Text Hover < 4.2 - Admin+ Stored Cross-Site Scripting — Text Hover | 4.8 | - | 2022-04-18 |
| CVE-2022-0706 | Easy Digital Downloads < 2.11.6 - Admin+ Stored Cross-Site Scripting — Easy Digital Downloads – Simple eCommerce for Selling Digital Files | 4.8 | - | 2022-04-18 |
| CVE-2021-25120 | Easy Social Feed < 6.2.7 - Reflected Cross-Site Scripting — Easy Social Feed Pro | 6.1 | - | 2022-04-18 |
| CVE-2020-25163 | OSIsoft PI Vision Cross-site Scripting — PI Vision | 7.7 | High | 2022-04-18 |
| CVE-2022-27853 | WordPress Contest Gallery plugin <= 13.1.0.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Contest Gallery (WordPress plugin) | 4.8 | Medium | 2022-04-18 |
| CVE-2021-23284 | Security issues in Eaton Intelligent Power Manager Infrastructure — Intelligent Power Manager Infrastructure (IPM Infrastructure) | 5.7 | Medium | 2022-04-18 |
| CVE-2021-23285 | Security issues in Eaton Intelligent Power Manager Infrastructure — Intelligent Power Manager Infrastructure (IPM Infrastructure) | 3.1 | Low | 2022-04-18 |
| CVE-2022-1380 | Stored Cross Site Scripting vulnerability in Item name parameter in snipe/snipe-it — snipe/snipe-it | 5.4 | - | 2022-04-16 |
| CVE-2022-24851 | Stored XSS and path traversal in LDAPAccountManager/lam — lam | 8.1 | High | 2022-04-15 |
| CVE-2022-27852 | WordPress KB Support plugin <= 1.5.5 - Multiple Unauth. Stored Cross-Site Scripting (XSS) vulnerabilities — KB Support | 6.1 | Medium | 2022-04-15 |
| CVE-2021-36828 | WordPress WP Maintenance plugin <= 6.0.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — WP Maintenance | 4.8 | Medium | 2022-04-15 |
| CVE-2022-1231 | XSS via Embedded SVG in SVG Diagram Format in plantuml/plantuml — plantuml/plantuml | 6.1 | - | 2022-04-15 |
| CVE-2022-24855 | XSS vulnerability in Metabase — metabase | 8.7 | High | 2022-04-14 |
| CVE-2020-25158 | B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus — SpaceCom | 7.6 | High | 2022-04-14 |
| CVE-2022-27848 | WordPress Modern Events Calendar Lite plugin <= 6.5.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Modern Events Calendar Lite (WordPress plugin) | 3.4 | Low | 2022-04-14 |
| CVE-2022-22182 | Junos OS: A XSS vulnerability allows an attacker to execute commands on a target J-Web session — Junos OS | 8.8 | High | 2022-04-14 |
| CVE-2022-22181 | Junos OS: J-Web can be compromised through reflected XSS attacks — Junos OS | 8.0 | High | 2022-04-14 |
| CVE-2022-1351 | Stored XSS in Tooltip in pimcore/pimcore — pimcore/pimcore | 5.4 | - | 2022-04-14 |
| CVE-2022-1347 | Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in causefx/organizr — causefx/organizr | 6.9 | - | 2022-04-13 |
| CVE-2022-1346 | Multiple Stored XSS in causefx/organizr — causefx/organizr | 8.9 | - | 2022-04-13 |
| CVE-2022-1344 | Stored XSS due to no sanitization in the filename in causefx/organizr — causefx/organizr | 5.4 | - | 2022-04-13 |
| CVE-2022-27505 | Citrix SD-WAN cross-site scripting vulnerability — Citrix SD-WAN | 6.1 | - | 2022-04-13 |
| CVE-2022-27503 | Citrix Systems Citrix StoreFront Server cross-site scripting vulnerability — StoreFront | 6.1 | - | 2022-04-13 |
| CVE-2022-1330 | stored xss due to unsanitized anchor url in alvarotrigo/fullpage.js — alvarotrigo/fullpage.js | 5.4 | - | 2022-04-12 |
| CVE-2022-28216 | SAP BusinessObjects Business Intelligence Platform cross-site scripting vulnerability — SAP BusinessObjects Business Intelligence Platform (BI Workspace) | 6.1 | - | 2022-04-12 |
| CVE-2022-28770 | SAPUI5 library cross-site scripting vulnerability — SAPUI5 (vbm library) | 6.1 | - | 2022-04-12 |
| CVE-2022-26105 | SAP NetWeaver Enterprise Portal cross-site scripting vulnerability — SAP NetWeaver Enterprise Portal | 6.1 | - | 2022-04-12 |
| CVE-2022-24833 | Persistent Cross-site Scripting (XSS) vulnerability in PrivateBin — PrivateBin | 8.2 | High | 2022-04-11 |
| CVE-2022-27845 | WordPress Plausible Analytics plugin <= 1.2.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Plausible Analytics (WordPress plugin) | 4.8 | Medium | 2022-04-11 |
| CVE-2022-22571 | Incapptic Connect cross-site scripting vulnerability — Ivanti Incapptic Connect | 4.8 | - | 2022-04-11 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) represent 21530 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.