Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-25613 WordPress FV Flowplayer Video Player plugin <= 7.5.18.727 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability — FV Flowplayer Video Player (WordPress plugin) 4.1 Medium2022-04-04
CVE-2022-24814 Cross-site Scripting in Directus — directus 8.8 High2022-04-04
CVE-2022-1170 JobMonster < 4.5.2.9 - Unauthenticated Reflected Cross-Site Scripting — Noo JobMonster 6.1 -2022-04-04
CVE-2022-1169 Careerfy < 3.9.0 - Unauthenticated Reflected Cross-Site Scripting (XSS) — Careerfy 5.4 -2022-04-04
CVE-2022-1168 JobSearch < 1.5.1 - Unauthenticated Reflected Cross-Site Scripting (XSS) — WP JobSearch 6.1 -2022-04-04
CVE-2022-1167 CareerUp < 2.3.1 - Unauthenticated Reflected Cross-Site Scripting — Careerup 6.1 -2022-04-04
CVE-2022-1164 Wyzi < 2.4.3 - Reflected Cross-Site Scripting (XSS) — WYZI Business Finder 6.1 -2022-04-04
CVE-2022-0958 Mark Posts < 2.0.1 - Admin+ Stored Cross-Site Scripting — Mark Posts 4.8 -2022-04-04
CVE-2022-0901 Ad Inserter < 2.7.12 - Reflected Cross-Site Scripting — Ad Inserter – Ad Manager & AdSense Ads 6.1 -2022-04-04
CVE-2022-0884 Profile Builder < 3.6.8 - Admin+ Stored Cross-Site Scripting — Profile Builder – User Profile & User Registration Forms 4.8 -2022-04-04
CVE-2022-0864 UpdraftPlus < 1.22.9 - Reflected Cross-Site Scripting — UpdraftPlus WordPress Backup Plugin 6.1 -2022-04-04
CVE-2022-0431 Google Pagespeed Insights < 4.0.4 - Reflected Cross-Site Scripting — Insights from Google PageSpeed 6.1 -2022-04-04
CVE-2021-25113 Dropdown Menu Widget <= 1.9.7 - Subscriber+ Arbitrary Settings Update to Stored XSS — Dropdown Menu Widget 5.4 -2022-04-04
CVE-2021-25048 KingComposer <= 2.9.6 - Subscriber+ Stored Cross-Site Scripting — Page Builder: KingComposer – Free Drag and Drop page builder by King-Theme 5.4 -2022-04-04
CVE-2021-23288 Security issues in Intelligent Power Protector — Intelligent Power Protector 5.6 Medium2022-04-01
CVE-2021-23287 Security issues in Intelligent Power Manager (IPM 1) — Intelligent Power Manager (IPM 1) 5.6 Medium2022-04-01
CVE-2022-21830 RocketChat LiveChat 跨站脚本漏洞 — Rocket.chat Livechat 6.1 -2022-04-01
CVE-2022-0350 Cross-site Scripting (XSS) - Stored in vanessa219/vditor — vanessa219/vditor 5.4 -2022-03-31
CVE-2022-1179 Non-Privilege User Can Created New Rule and Lead to Stored Cross Site Scripting in openemr/openemr — openemr/openemr 5.4 -2022-03-30
CVE-2022-1180 Reflected Cross Site Scripting in openemr/openemr — openemr/openemr 6.1 -2022-03-30
CVE-2022-1181 Stored Cross Site Scripting in openemr/openemr — openemr/openemr 5.4 -2022-03-30
CVE-2022-1178 Stored Cross Site Scripting in openemr/openemr — openemr/openemr 5.4 -2022-03-30
CVE-2022-1163 Cross-site Scripting (XSS) - Stored in mineweb/minewebcms — mineweb/minewebcms 4.8 -2022-03-30
CVE-2022-23059 Shopizer - Stored XSS in Manage Images — Shopizer 4.8 Medium2022-03-29
CVE-2022-1087 htmly Edit Profile Module cross site scripting — htmly 3.5 Low2022-03-29
CVE-2022-1086 DolphinPHP User Management Page cross site scripting — DolphinPHP 3.5 Low2022-03-29
CVE-2022-1085 CLTPHP POST Parameter cross site scripting — CLTPHP 3.5 Low2022-03-29
CVE-2022-1081 SourceCodester Microfinance Management System addcustomerHandler.php cross site scripting — Microfinance Management System 4.3 Medium2022-03-29
CVE-2022-1079 SourceCodester One Church Management System churchprofile.php cross site scripting — One Church Management System 4.3 Medium2022-03-29
CVE-2022-1076 Automatic Question Paper Generator System My Account Page login.php cross site scripting — Automatic Question Paper Generator System 4.3 Medium2022-03-29

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.