Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-22546 SAP Business Objects Web Intelligence 跨站脚本漏洞 — SAP Business Objects Web Intelligence (BI Launchpad) 5.4 -2022-02-09
CVE-2022-22812 spaceLYnk 跨站脚本漏洞 — spaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) (V2.6.2 and prior), fellerLYnk (V2.6.2 and prior) 6.1 -2022-02-09
CVE-2022-23622 Cross site scripting in registration template in xwiki-platform — xwiki-platform 7.4 High2022-02-09
CVE-2022-23312 Siemens Spectrum Power 跨站脚本漏洞 — Spectrum Power 4 6.1 -2022-02-09
CVE-2022-0539 Cross-site Scripting (XSS) - Stored in ptrofimov/beanstalk_console — ptrofimov/beanstalk_console 5.4 -2022-02-09
CVE-2022-0527 Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot — chatwoot/chatwoot 5.4 -2022-02-09
CVE-2022-0526 Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot — chatwoot/chatwoot 5.4 -2022-02-09
CVE-2022-21702 Cross site scripting in Grafana proxy — grafana 6.5 Medium2022-02-08
CVE-2022-0510 Cross-site Scripting (XSS) - Reflected in pimcore/pimcore — pimcore/pimcore 5.4 -2022-02-08
CVE-2022-0509 Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore 5.4 -2022-02-08
CVE-2022-0506 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweber 5.4 -2022-02-08
CVE-2022-0149 WooCommerce – Store Exporter < 2.7.1 - Reflected Cross-Site Scripting (XSS) — WooCommerce – Store Exporter 6.1 -2022-02-07
CVE-2022-0148 All-in-one Floating Contact Form < 2.0.4 - Authenticated Reflected Cross-Site Scripting (XSS) — All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs – My Sticky Elements 5.4 -2022-02-07
CVE-2021-25106 WPLegalPages < 2.7.1 - Subscriber+ Arbitrary Settings Update to Stored XSS — Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WPLegalPages 5.4 -2022-02-07
CVE-2021-25105 Ivory Search < 5.4.1 - Multiple Admin+ Stored Cross-Site Scripting — Ivory Search – WordPress Search Plugin 4.8 -2022-02-07
CVE-2021-25103 GTranslate < 2.9.7 - Reflected Cross-Site Scripting — Translate WordPress with GTranslate 6.1 -2022-02-07
CVE-2021-25077 Store Toolkit for WooCommerce < 2.3.2 - Reflected Cross-Site Scripting — Store Toolkit for WooCommerce 6.1 -2022-02-07
CVE-2021-25029 Cluevo < 1.8.1 - Admin+ Stored Cross Site Scripting — CLUEVO LMS, E-Learning Platform 4.8 -2022-02-07
CVE-2021-24880 SupportCandy < 2.2.7 - Contributor+ Stored Cross-Site Scripting — SupportCandy – Helpdesk & Support Ticket System 5.4 -2022-02-07
CVE-2021-24878 SupportCandy < 2.2.7 - Reflected Cross-Site Scripting — SupportCandy – Helpdesk & Support Ticket System 6.1 -2022-02-07
CVE-2022-0473 Dynamic field error message is vulnerable to XSS — OTRS 3.8 Low2022-02-07
CVE-2022-0502 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat — livehelperchat/livehelperchat 5.4 -2022-02-06
CVE-2022-0501 Cross-site Scripting (XSS) - Reflected in ptrofimov/beanstalk_console — ptrofimov/beanstalk_console 6.1 -2022-02-05
CVE-2022-0437 Cross-site Scripting (XSS) - DOM in karma-runner/karma — karma-runner/karma 6.1 -2022-02-05
CVE-2021-43841 XSS by SVG upload in xwiki-platform — xwiki-platform 5.4 Medium2022-02-04
CVE-2022-22804 Schneider Electric EcoStruxure Power Monitoring Expert 跨站脚本漏洞 — EcoStruxure Power Monitoring Expert (Versions 2020 and prior) 5.4 -2022-02-04
CVE-2022-23980 WordPress Yasr – Yet Another Stars Rating plugin <= 2.9.9 - Cross-Site Scripting (XSS) vulnerability — Yasr – Yet Another Stars Rating (WordPress plugin) 4.7 Medium2022-02-04
CVE-2022-0381 Embed Swagger <= 1.0.0 Reflected Cross-Site Scripting — Embed Swagger 6.1 Medium2022-02-04
CVE-2022-0380 Fotobook <= 3.2.3 Reflected Cross-Site Scripting — Fotobook 6.1 Medium2022-02-04
CVE-2021-25091 Link Library < 7.2.9 - Reflected Cross-Site Scripting — Link Library 6.1 -2022-02-01

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.