Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-4132 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat — livehelperchat/livehelperchat 6.1 -2021-12-17
CVE-2021-41261 Stored Cross-site Scripting in Galette — galette 8.1 High2021-12-16
CVE-2021-4124 Cross-site Scripting (XSS) - Stored in meetecho/janus-gateway — meetecho/janus-gateway 5.4 -2021-12-16
CVE-2021-4121 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrm 5.4 -2021-12-16
CVE-2021-4116 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrm 5.4 -2021-12-15
CVE-2021-4108 Cross-site Scripting (XSS) - Stored in snipe/snipe-it — snipe/snipe-it 5.4 -2021-12-14
CVE-2021-39183 Unsafe inline XSS Owncast — owncast 8.2 High2021-12-14
CVE-2021-39313 Simple Image Gallery <= 1.0.6 Reflected Cross-Site Scripting — Simple Image Gallery 6.1 Medium2021-12-14
CVE-2021-39310 Real WYSIWYG <= 0.0.2 Reflected Cross-Site Scripting — Real WYSIWYG 6.1 Medium2021-12-14
CVE-2021-39308 WooCommerce myghpay Payment Gateway <= 3.0 Reflected Cross-Site Scripting — WooCommerce myghpay Payment Gateway 6.1 Medium2021-12-14
CVE-2021-38361 .htaccess Redirect <= 0.3.1 Reflected Cross-Site Scripting — .htaccess Redirect 6.1 Medium2021-12-14
CVE-2021-39311 link-list-manager <= 1.0 Reflected Cross-Site Scripting — link-list-manager 6.1 Medium2021-12-14
CVE-2021-39309 Parsian Bank Gateway for Woocommerce <= 1.0 Reflected Cross-Site Scripting — Parsian Bank Gateway for Woocommerce 6.1 Medium2021-12-14
CVE-2021-39314 WooCommerce EnvioPack <= 1.2 Reflected Cross-Site Scripting — WooCommerce EnvioPack 6.1 Medium2021-12-14
CVE-2021-39318 H5P CSS Editor <= 1.0 Reflected Cross-Site Scripting — H5P CSS Editor 6.1 Medium2021-12-14
CVE-2021-41836 Fathom Analytics <= 3.0.4 Authenticated Stored Cross-Site Scripting — Fathom Analytics 4.8 Medium2021-12-14
CVE-2021-42367 Variation Swatches for WooCommerce <= 2.1.1 Authenticated Stored Cross-Site Scripting — Variation Swatches for WooCommerce 6.4 Medium2021-12-14
CVE-2021-39315 Magic Post Voice <= 1.2 Reflected Cross-Site Scripting — Magic Post Voice 6.1 Medium2021-12-14
CVE-2021-39319 duoFAQ - Responsive, Flat, Simple FAQ <= 1.4.8 Reflected Cross-Site Scripting — duoFAQ - Responsive, Flat, Simple FAQ 6.1 Medium2021-12-14
CVE-2021-42061 SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform 5.4 -2021-12-14
CVE-2021-4107 Cross-site Scripting (XSS) - Reflected in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrm 5.4 -2021-12-14
CVE-2021-3831 Cross-site Scripting (XSS) - Reflected in gnuboard/gnuboard5 — gnuboard/gnuboard5 6.1 -2021-12-14
CVE-2021-43817 Reflected Cross-Site-Scripting vulnerability in Collabora Online — online 8.2 High2021-12-13
CVE-2021-42548 reflected XSS in search functionality of WP Cloud Plugins - Share-one-Drive — Share-one-Drive 4.7 Medium2021-12-13
CVE-2021-42549 reflected XSS in search functionality of WP Cloud Plugins - Lets-Box — Lets-Box 4.7 Medium2021-12-13
CVE-2021-42547 reflected XSS in search functionality of WP Cloud Plugins - Out-of-the-Box — Out-of-the-Box 4.7 Medium2021-12-13
CVE-2021-42546 Reflected XSS in search functionality of WP Cloud Plugins - Use-Your-Drive — Use-Your-Drive 4.7 Medium2021-12-13
CVE-2021-24972 Pixel Cat Lite < 2.6.3 - Admin+ Stored Cross-Site Scripting — Pixel Cat – Conversion Pixel Manager 4.8 -2021-12-13
CVE-2021-24955 ProfilePress < 3.2.3 - Reflected Cross-Site Scripting — User Registration, Login Form, User Profile & Membership – ProfilePress (Formerly WP User Avatar) 6.1 -2021-12-13
CVE-2021-24954 ProfilePress < 3.2.3 - Reflected Cross-Site Scripting — User Registration, Login Form, User Profile & Membership – ProfilePress (Formerly WP User Avatar) 6.1 -2021-12-13

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.