CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-21146	ICSA-22-062-01 IPCOMM ipDIO — IPCOMM ipDIO	6.3	Medium	2022-03-09
CVE-2022-26101	SAP Fiori 跨站脚本漏洞 — Fiori Launchpad	6.1	-	2022-03-08
CVE-2022-24399	SAP Focused Run 跨站脚本漏洞 — SAP Focused Run (Real User Monitoring)	6.1	-	2022-03-08
CVE-2022-24395	SAP Enterprise Portal 跨站脚本漏洞 — SAP NetWeaver Enterprise Portal	6.1	-	2022-03-08
CVE-2022-0877	Cross-site Scripting (XSS) - Stored in bookstackapp/bookstack — bookstackapp/bookstack	5.4	-	2022-03-08
CVE-2021-44478	Siemens Polarion Subversion Webclient 跨站脚本漏洞 — Polarion ALM	6.1	-	2022-03-08
CVE-2021-41542	Climatix POL909 跨站脚本漏洞 — Climatix POL909 (AWB module)	6.1	-	2022-03-08
CVE-2021-41541	Climatix POL909跨站脚本漏洞 — Climatix POL909 (AWB module)	6.1	-	2022-03-08
CVE-2021-37208	Siemens RUGGEDCOM 跨站脚本漏洞 — RUGGEDCOM i800	9.6	Critical	2022-03-08
CVE-2021-32005	SiteManager Log View XSS Issue — SiteManager	6.5	Medium	2022-03-07
CVE-2022-0535	E2Pdf < 1.16.45 - Admin+ Stored Cross-Site Scripting (XSS) — E2Pdf – Export To Pdf Tool for WordPress	4.8	-	2022-03-07
CVE-2022-0533	Ditty (formerly Ditty News Ticker) < 3.0.15 - Reflected Cross-Site Scripting (XSS) — Ditty (formerly Ditty News Ticker)	6.1	-	2022-03-07
CVE-2022-0448	CP Blocks < 1.0.15 - Admin+ Stored Cross-Site Scripting — CP Blocks	4.8	-	2022-03-07
CVE-2022-0429	WP Cerber Security, Anti-spam & Malware Scan < 8.9.6 - Unauthenticated Stored Cross-Site Scripting — WP Cerber Security, Anti-spam & Malware Scan	6.1	-	2022-03-07
CVE-2022-0426	Product Feed PRO for WooCommerce < 11.2.3 - Reflected Cross-Site Scripting — Product Feed PRO for WooCommerce	5.4	-	2022-03-07
CVE-2022-0422	White Label MS < 2.2.9 - Reflected Cross-Site Scripting — White Label CMS	6.1	-	2022-03-07
CVE-2022-0389	WP Time Slots Booking Form < 1.1.63 - Admin+ Stored Cross-Site Scripting — WP Time Slots Booking Form	4.8	-	2022-03-07
CVE-2022-0347	LoginPress < 1.5.12 - Reflected Cross-Site Scripting — LoginPress \| Custom Login Page Customizer	6.1	-	2022-03-07
CVE-2022-0205	YOP Poll < 6.3.5 - Author+ Stored Cross-Site Scripting — YOP Poll	5.4	-	2022-03-07
CVE-2021-25039	Multisite Content Copier/Updater < 2.1.0 - Reflected Cross-Site Scripting — WordPress Multisite Content Copier/Updater	6.1	-	2022-03-07
CVE-2021-25038	Multisite User Sync/Unsync < 2.1.2 - Reflected Cross-Site Scripting — WordPress Multisite User Sync/Unsync	6.1	-	2022-03-07
CVE-2021-24961	WordPress File Upload < 4.16.3 - Contributor+ Stored Cross-Site Scripting via Shortcode — WordPress File Upload	5.4	-	2022-03-07
CVE-2021-24953	Advanced iFrame < 2022 - Reflected Cross-Site Scripting — Advanced iFrame	6.1	-	2022-03-07
CVE-2021-24826	Custom Content Shortcode < 4.0.2 - Authenticated Stored Cross-Site Scripting — Custom Content Shortcode	5.4	-	2022-03-07
CVE-2021-24821	Cost Calculator < 1.6 - Contributor+ Stored Cross-Site Scripting — Cost Calculator	5.4	-	2022-03-07
CVE-2021-24810	WP Event Manager < 3.1.23 - Admin+ Stored Cross-Site Scripting — WP Event Manager – Easily Build your Calendar of Events!	4.8	-	2022-03-07
CVE-2022-0832	Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore	5.4	-	2022-03-04
CVE-2022-0831	Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore	5.4	-	2022-03-04
CVE-2022-0752	Cross-site Scripting (XSS) - Generic in hestiacp/hestiacp — hestiacp/hestiacp	5.4	-	2022-03-04
CVE-2022-0838	Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp — hestiacp/hestiacp	6.1	-	2022-03-04

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529