CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) — Vulnerability Class 21524

21524 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2021-29109 | A reflected XSS vulnerability in Esri Portal for ArcGIS version 10.9. — Portal for ArcGIS | 6.1 | - | 2021-10-01 |
| CVE-2021-38675 | Stored XSS Vulnerability in Image2PDF — Image2PDF | 5.4 | Medium | 2021-10-01 |
| CVE-2021-34356 | Stored XSS Vulnerability in Photo Station — Photo Station | 7.6 | High | 2021-10-01 |
| CVE-2021-34355 | Stored XSS Vulnerability in Photo Station — Photo Station | 7.6 | High | 2021-10-01 |
| CVE-2021-34354 | Stored Cross-site Scripting Vulnerability in Photo Station — Photo Station | 7.6 | High | 2021-10-01 |
| CVE-2021-41101 | CORS `Access-Control-Allow-Origin` settings are too lenient — wire-server | 5.7 | Medium | 2021-09-30 |
| CVE-2021-25963 | Shuup - Reflected XSS in Error Page — shuup | 6.1 | Medium | 2021-09-30 |
| CVE-2021-25959 | OpenCRX - Reflected Cross-Site Scripting in Password Reset Functionality — opencrx-core-config | 6.1 | Medium | 2021-09-29 |
| CVE-2021-41095 | XSS via blocked watched word in error message — discourse | 4.2 | Medium | 2021-09-27 |
| CVE-2021-40714 | Adobe Experience Manager Reflected Cross Site Scripting via accesskey parameter — Experience Manager | 6.1 | Medium | 2021-09-27 |
| CVE-2021-40711 | Adobe Experience Manager Stored Cross-Site Scripting Could Lead to Arbitrary Code Execution — Experience Manager | 5.4 | Medium | 2021-09-27 |
| CVE-2021-36845 | YITH Maintenance Mode (WordPress plugin) <= 1.3.8 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities — YITH Maintenance Mode (WordPress plugin) | 6.9 | Medium | 2021-09-27 |
| CVE-2021-36841 | YITH Maintenance Mode (WordPress plugin) <= 1.3.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability. — YITH Maintenance Mode (WordPress plugin) | 6.9 | Medium | 2021-09-27 |
| CVE-2021-36875 | WordPress uListing plugin <= 2.0.5 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability — Directory Listings WordPress plugin – uListing | 5.9 | Medium | 2021-09-27 |
| CVE-2021-24671 | MX Time Zone Clocks < 3.4.1 - Contributor+ Cross-Site Scripting — MX Time Zone Clocks | 5.4 | - | 2021-09-27 |
| CVE-2021-24670 | CoolClock < 4.3.5 - Contributor+ Stored Cross-Site Scripting — CoolClock – a Javascript Analog Clock | 5.4 | - | 2021-09-27 |
| CVE-2021-24660 | PostX Gutenberg Blocks Saved Templates Addon < 2.4.10 - Contributor+ Stored Cross-Site Scripting — PostX – Gutenberg Blocks for Post Grid | 5.4 | - | 2021-09-27 |
| CVE-2021-24659 | PostX Gutenberg Blocks for Post Grid < 2.4.10 - Contributor+ Stored Cross-Site Scripting — PostX – Gutenberg Blocks for Post Grid | 5.4 | - | 2021-09-27 |
| CVE-2021-24643 | WP Map Block < 1.2.3 - Contributor+ Stored Cross-Site Scripting — WP Map Block – Gutenberg Map Block for Google Map and OpenStreet Map | 5.4 | - | 2021-09-27 |
| CVE-2021-24634 | Recipe Card Blocks < 2.8.3 - Contributor+ Stored Cross-Site Scripting — Recipe Card Blocks by WPZOOM | 5.4 | - | 2021-09-27 |
| CVE-2021-24632 | Recipe Card Blocks < 2.8.1 - Reflected Cross-Site Scripting — Recipe Card Blocks by WPZOOM | 6.1 | - | 2021-09-27 |
| CVE-2021-24610 | TranslatePress < 2.0.9 - Authenticated Stored Cross-Site Scripting — Translate Multilingual sites – TranslatePress | 5.4 | - | 2021-09-27 |
| CVE-2021-24569 | Cookie Notice & Compliance for GDPR / CCPA < 2.1.2 - Admin+ Stored Cross-Site Scripting — Cookie Notice & Compliance for GDPR / CCPA | 4.8 | - | 2021-09-27 |
| CVE-2021-23054 | F5 BIG-IP APM cross-site scripting vulnerability — BIG-IP APM | 5.4 | - | 2021-09-27 |
| CVE-2021-3830 | Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver — btcpayserver/btcpayserver | 5.4 | - | 2021-09-26 |
| CVE-2021-36823 | WordPress Absolutely Glamorous Custom Admin plugin <= 6.8 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — AGCA - Absolutely Glamorous Custom Admin (WordPress plugin) | 6.6 | Medium | 2021-09-23 |
| CVE-2021-36873 | WordPress iQ Block Country plugin <= 1.2.11 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability — iQ Block Country | 5.5 | Medium | 2021-09-23 |
| CVE-2021-36872 | WordPress Popular Posts plugin <= 5.3.3 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability — WordPress Popular Posts | 5.5 | Medium | 2021-09-23 |
| CVE-2021-22948 | revive-adserver security features issue vulnerability — https://github.com/revive-adserver/revive-adserver | 9.1 | - | 2021-09-23 |
| CVE-2021-37860 | Mattermost cross-site scripting vulnerability — Mattermost | 3.7 | Low | 2021-09-22 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) represent 21524 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.