Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21527

21527 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-24664 WPSchoolPress < 2.1.17 - Multiple Admin+ Stored Cross-Site Scripting — School Management System – WPSchoolPress 4.8 -2021-11-08
CVE-2021-24646 Booking.com Banner Creator < 1.4.3 - Admin+ Stored Cross-Site Scripting — Booking.com Banner Creator 4.8 -2021-11-08
CVE-2021-24645 Booking.com Product Helper < 1.0.2 - Admin+ Stored Cross-Site Scripting — Booking.com Product Helper 4.8 -2021-11-08
CVE-2021-24616 AddToAny Share Buttons < 1.7.48 - Admin+ Stored Cross-Site Scripting — AddToAny Share Buttons 4.8 -2021-11-08
CVE-2021-24607 Storefront Footer Text <= 1.0.1 - Admin+ Stored Cross-Site Scripting — Storefront Footer Text 4.8 -2021-11-08
CVE-2021-24594 Translate WordPress - Google Language Translator < 6.0.12 - Admin+ Stored Cross-Site Scripting — Translate WordPress – Google Language Translator 4.8 -2021-11-08
CVE-2021-25978 Apostrophe - XSS — Apostrophe 5.4 Medium2021-11-07
CVE-2021-41248 XSS vulnerability in GraphiQL — graphiql 7.1 High2021-11-04
CVE-2021-41249 XSS vulnerability in GraphQL Playground — graphql-playground 7.1 High2021-11-04
CVE-2021-34731 Cisco Prime Access Registrar Stored Cross-Site Scripting Vulnerability — Cisco Prime Access Registrar 4.8 Medium2021-11-04
CVE-2021-34784 Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability — Cisco Prime Infrastructure 5.4 Medium2021-11-04
CVE-2021-40115 Cisco Webex Video Mesh Cross-Site Scripting Vulnerability — Cisco Webex Video Mesh 6.1 Medium2021-11-04
CVE-2021-38488 Delta Electronics DIALink — DIALink 5.5 Medium2021-11-03
CVE-2021-38428 Delta Electronics DIALink — DIALink 5.5 Medium2021-11-03
CVE-2021-38407 Delta Electronics DIALink — DIALink 5.5 Medium2021-11-03
CVE-2021-38403 Delta Electronics DIALink — DIALink 5.5 Medium2021-11-03
CVE-2021-38411 Delta Electronics DIALink — DIALink 5.5 Medium2021-11-03
CVE-2021-41174 XSS vulnerability allowing arbitrary JavaScript execution — grafana 6.9 Medium2021-11-03
CVE-2021-41134 Stored XSS in Jupyter nbdime — nbdime 8.7 High2021-11-03
CVE-2021-33611 Reflected cross-site scripting in vaadin-menu-bar webjar resources in Vaadin 14 — Vaadin 6.1 Medium2021-11-02
CVE-2021-39340 Notification – Custom Notifications and Alerts for WordPress <= 7.2.4 Authenticated Stored Cross-Site Scripting — Notification – Custom Notifications and Alerts for WordPress 4.8 Medium2021-11-01
CVE-2021-38356 NextScripts: Social Networks Auto-Poster <= 4.3.20 Reflected Cross-Site Scripting — NextScripts: Social Networks Auto-Poster 6.1 Medium2021-11-01
CVE-2021-39346 Google Maps Easy <= 1.9.33 Authenticated Stored Cross-Site Scripting — Google Maps Easy 4.8 Medium2021-11-01
CVE-2021-31848 Data Loss Prevention (DLP) ePO extension - Cross site scripting (XSS) — Data Loss Prevention (DLP) ePO extension 8.4 High2021-11-01
CVE-2021-24813 Events Made Easy < 2.2.24 - Admin+ Stored Cross-Site Scripting — Events Made Easy 4.8 -2021-11-01
CVE-2021-24808 BP Better Messages < 1.9.9.41 - Reflected Cross-Site Scripting — BP Better Messages 6.1 -2021-11-01
CVE-2021-24794 Connections Business Directory < 10.4.3 - Admin+ Stored Cross-Site Scripting — Connections Business Directory 4.8 -2021-11-01
CVE-2021-24793 WPeMatico RSS Feed Fetcher < 2.6.12 - Admin+ Stored Cross-Site Scripting — WPeMatico RSS Feed Fetcher 4.8 -2021-11-01
CVE-2021-24789 Flat Preloader < 1.5.5 - Admin+ Stored Cross-Site Scripting — Flat Preloader 4.8 -2021-11-01
CVE-2021-24773 WordPress Download Manager < 3.2.16 - Admin+ Stored Cross-Site Scripting — WordPress Download Manager 4.8 -2021-11-01

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21527 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.