Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-36738 XSS vulnerability in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet — Apache Portals 6.1 -2022-01-06
CVE-2021-36737 XSS in V3 Demo Portlet — Apache Portals 6.1 -2022-01-06
CVE-2022-0121 Cross-site Scripting in hoppscotch/hoppscotch — hoppscotch/hoppscotch 8.0 High2022-01-06
CVE-2022-22109 DayByDay CRM - Stored Cross-Site Scripting (XSS) in Task Title — DaybydayCRM 5.4 Medium2022-01-05
CVE-2022-21649 Stored XSS via attribute in convos — convos 7.6 High2022-01-04
CVE-2022-21650 Stored XSS via html file upload in convos — convos 7.6 High2022-01-04
CVE-2022-21648 Sandbox bypass in Latte templates — latte 8.2 High2022-01-04
CVE-2021-41236 XSS vulnerability in oro/platform — platform 6.9 Medium2022-01-04
CVE-2021-25040 Booking Calendar < 8.9.2 - Reflected Cross-Site Scripting — Booking Calendar 6.1 -2022-01-03
CVE-2021-25027 PowerPack Addons for Elementor < 2.6.2 - Reflected Cross-Site Scripting — PowerPack Addons for Elementor 6.1 -2022-01-03
CVE-2021-25022 UpdraftPlus < 1.16.66 - Reflected Cross-Site Scripting — UpdraftPlus WordPress Backup Plugin 6.1 -2022-01-03
CVE-2021-25001 Booster for WooCommerce < 5.4.9 - Reflected Cross-Site Scripting in Product XML Feeds Module — Booster for WooCommerce 6.1 -2022-01-03
CVE-2021-25016 Chaty < 2.8.3 - Reflected Cross-Site Scripting — Floating Chat Widget: Contact Icons, Messages, Telegram, Email, SMS, Call Button – Chaty 6.1 -2022-01-03
CVE-2021-25000 Booster for WooCommerce < 5.4.9 - Reflected Cross-Site Scripting in General Module — Booster for WooCommerce 6.1 -2022-01-03
CVE-2021-24991 WooCommerce PDF Invoices & Packing Slips < 2.10.5 - Reflected Cross-Site Scripting — WooCommerce PDF Invoices & Packing Slips 6.1 -2022-01-03
CVE-2021-24999 Booster for Woocommerce < 5.4.9 - Reflected Cross-Site Scripting in PDF Invoicing Module — Booster for WooCommerce 6.1 -2022-01-03
CVE-2021-24973 Site Reviews < 5.17.3 - Unauthenticated Stored Cross-Site Scripting — Site Reviews 6.1 -2022-01-03
CVE-2021-24964 LiteSpeed Cache < 4.4.4 - IP Check Bypass to Unauthenticated Stored XSS — LiteSpeed Cache 6.1 -2022-01-03
CVE-2021-24963 LiteSpeed Cache < 4.4.4 - Admin+ Reflected Cross-Site Scripting — LiteSpeed Cache 6.1 -2022-01-03
CVE-2021-24828 Mortgage Calculator / Loan Calculator < 1.5.17 - Contributor+ Stored Cross-Site Scripting — Mortgage Calculator / Loan Calculator 5.4 -2022-01-03
CVE-2021-24680 WP Travel Engine < 5.3.1 - Editor+ Stored Cross-Site Scripting — WP Travel Engine – Travel and Tour Booking Plugin 5.4 -2022-01-03
CVE-2021-43861 Incorrect sanitisation function leads to `XSS` — mermaid 7.2 High2021-12-30
CVE-2021-25993 Requarks wiki.js - Stored Cross-Site Scripting (XSS) in markdown editor — wiki 5.4 Medium2021-12-29
CVE-2021-4175 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat — livehelperchat/livehelperchat 6.1 -2021-12-29
CVE-2021-4176 Cross-site Scripting (XSS) - Reflected in livehelperchat/livehelperchat — livehelperchat/livehelperchat 6.1 -2021-12-29
CVE-2021-38680 Reflected XSS in Kazoo Server — Kazoo Server 5.3 Medium2021-12-29
CVE-2021-25990 ifme - Stored Cross-Site Scripting (XSS) in Contacts section — ifme 5.4 Medium2021-12-29
CVE-2021-25989 ifme - Stored Cross-Site Scripting (XSS) in Groups section — ifme 5.4 Medium2021-12-29
CVE-2021-25988 ifme - Stored Cross-Site Scripting (XSS) in Notifications section — ifme 5.4 Medium2021-12-29
CVE-2021-4179 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat — livehelperchat/livehelperchat 6.1 -2021-12-28

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.