Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21523

21523 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-24619 Per Page Add to Head <= 1.4.4 - Authenticated Stored XSS — Per page add to head 4.8 -2021-09-13
CVE-2021-24614 Book appointment Online < 1.39 - Authenticated Stored Cross-Site Scripting (XSS) — Book appointment online 4.8 -2021-09-13
CVE-2021-24605 Custom Post View Generator <= 0.4.6 - Reflected Cross-Site Scripting — Custom Post View Generator 5.4 -2021-09-13
CVE-2021-24560 Software License Manager < 4.4.8 - Reflected Cross-Site Scripting — Software License Manager 6.1 -2021-09-13
CVE-2021-24523 Daily Prayer Time < 2021.08.10 - Authenticated Stored XSS — Daily Prayer Time 5.4 -2021-09-13
CVE-2021-24508 Smash Balloon Social Post Feed < 2.19.2 - Unauthenticated Stored XSS — Smash Balloon Social Post Feed 6.1 -2021-09-13
CVE-2021-24431 Language Bar Flags <= 1.0.8 - CSRF to Stored XSS — Language Bar Flags 5.4 -2021-09-13
CVE-2021-22528 Information leakage vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1 — NetIQ Access Manager 8.0 High2021-09-13
CVE-2021-3646 Cross-site Scripting (XSS) - Reflected in btcpayserver/btcpayserver — btcpayserver/btcpayserver 5.4 -2021-09-10
CVE-2021-38357 SMS OVH <= 0.1 Reflected Cross-Site Scripting — SMS OVH 6.1 Medium2021-09-10
CVE-2021-38358 MoolaMojo <= 0.7.4.1 Reflected Cross-Site Scripting — MoolaMojo 6.1 Medium2021-09-10
CVE-2021-38359 WordPress InviteBox Plugin <= 1.4.1 Reflected Cross-Site Scripting — WordPress InviteBox Plugin 6.1 Medium2021-09-10
CVE-2021-38354 GNU-Mailman Integration <= 1.0.6 Reflected Cross-Site Scripting — GNU-Mailman Integration 6.1 Medium2021-09-10
CVE-2021-38327 YouTube Video Inserter <= 1.2.1.0 Reflected Cross-Site Scripting — YouTube Video Inserter 6.1 Medium2021-09-10
CVE-2021-38339 Simple Matted Thumbnails <= 1.01 Reflected Cross-Site Scripting — Simple Matted Thumbnails 6.1 Medium2021-09-10
CVE-2021-38347 Custom Website Data <= 2.2 Reflected Cross-Site Scripting — Custom Website Data 6.1 Medium2021-09-10
CVE-2021-38355 Bug Library <= 2.0.3 Reflected Cross-Site Scripting — Bug Library 6.1 Medium2021-09-10
CVE-2021-38336 Edit Comments XT <= 1.0 Reflected Cross-Site Scripting — Edit Comments XT 6.1 Medium2021-09-10
CVE-2021-38335 Wise Agent Capture Forms <= 1.0 Reflected Cross-Site Scripting — Wise Agent Capture Forms 6.1 Medium2021-09-10
CVE-2021-38329 DJ EmailPublish <= 1.7.2 Reflected Cross-Site Scripting — DJ EmailPublish 6.1 Medium2021-09-10
CVE-2021-38328 Notices <= 6.1 Reflected Cross-Site Scripting — Notices 6.1 Medium2021-09-10
CVE-2021-38338 Border Loading Bar <= 1.0.1 Reflected Cross-Site Scripting — Border Loading Bar 6.1 Medium2021-09-10
CVE-2021-38331 WP-T-Wap <= 1.13.2 Reflected Cross-Site Scripting — WP-T-Wap 6.1 Medium2021-09-10
CVE-2021-38333 WP Scrippets <= 1.5.1 Reflected Cross-Site Scripting — WP Scrippets 6.1 Medium2021-09-10
CVE-2021-38352 Feedify – Web Push Notifications <= 2.1.8 Reflected Cross-Site Scripting — Feedify – Web Push Notifications 6.1 Medium2021-09-10
CVE-2021-38341 WooCommerce Payment Gateway Per Category <= 2.0.10 Reflected Cross-Site Scripting — WooCommerce Payment Gateway Per Category 6.1 Medium2021-09-10
CVE-2021-38340 Wordpress Simple Shop <= 1.2 Reflected Cross-Site Scripting — Wordpress Simple Shop 6.1 Medium2021-09-10
CVE-2021-38349 Integration of Moneybird for WooCommerce <= 2.1.1 Reflected Cross-Site Scripting — Integration of Moneybird for WooCommerce 6.1 Medium2021-09-10
CVE-2021-38353 Dropdown and scrollable Text <= 2.0 Reflected Cross-Site Scripting — Dropdown and scrollable Text 6.1 Medium2021-09-10
CVE-2021-38326 Post Title Counter <= 1.1 Reflected Cross-Site Scripting — Post Title Counter 6.1 Medium2021-09-10

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21523 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.