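CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) — Vulnerability Class 21521

21521 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')). AI Chinese analysis included.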

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-24568 | AddToAny < 1.7.46 - Authenticated Stored XSS — AddToAny Share Buttons | 4.8 | - | 2021-09-06 |
| CVE-2021-24517 | Stop Spammers Security < 2021.18 - Authenticated Stored XSS — Stop Spammers Security \| Block Spam Users, Comments, Forms | 4.8 | - | 2021-09-06 |
| CVE-2021-24513 | Form Builder < 1.9.8.4 - Authenticated Stored Cross-Site Scripting — Form Builder \| Create Responsive Contact Forms | 4.8 | - | 2021-09-06 |
| CVE-2021-24435 | Titan Framework <= 1.12.1 - Reflected Cross-Site Scripting (XSS) — Titan Framework | 6.1 | - | 2021-09-06 |
| CVE-2021-39322 | Easy Social Icons <= 3.0.8 - Reflected Cross-Site Scripting — Easy Social Icons | 6.1 | Medium | 2021-09-02 |
| CVE-2021-34759 | Cisco Identity Services Engine Cross-Site Scripting Vulnerability — Cisco Identity Services Engine Software | 4.8 | Medium | 2021-09-02 |
| CVE-2021-34732 | Cisco Prime Collaboration Provisioning Cross-Site Scripting Vulnerability — Cisco Prime Collaboration Provisioning | 6.1 | Medium | 2021-09-02 |
| CVE-2021-36063 | Adobe Connect Reflected Cross-site Scripting via 'isTabletDeviceHTML' parameter — Connect | 5.4 | Medium | 2021-09-01 |
| CVE-2021-36062 | Adobe Connect Reflected Cross-site Scripting via 'campaign-id' parameter — Connect | 5.4 | Medium | 2021-09-01 |
| CVE-2021-36027 | Magento Commerce Stored Cross-site Scripting Vulnerability — Magento Commerce | 6.5 | Medium | 2021-09-01 |
| CVE-2021-36026 | Magento Commerce Stored Cross-site Scripting Vulnerability — Magento Commerce | 6.5 | Medium | 2021-09-01 |
| CVE-2021-39320 | underConstruction <= 1.18 - Reflected Cross-Site Scripting — underConstruction | 6.1 | Medium | 2021-09-01 |
| CVE-2021-39166 | Improper Neutralization of Text-Values in Object Version Preview — pimcore | 8.0 | High | 2021-09-01 |
| CVE-2021-35238 | Stored XSS through URL POST parameter in CreateExternalWebsite Vulnerability — Orion Platform | 4.8 | Medium | 2021-09-01 |
| CVE-2021-35240 | Stored XSS via Help Server settings — Orion Platform | 6.5 | Medium | 2021-08-31 |
| CVE-2021-35239 | Stored XSS in Maps text box hyperlink Vulnerability — Orion Platform | 7.5 | High | 2021-08-31 |
| CVE-2021-35222 | Resource.aspx Reflected Cross-Site Scripting Vulnerability — Orion Platform | 8.0 | High | 2021-08-31 |
| CVE-2021-34562 | A vulnerability in WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application's response — WHA-GW-F2D2-0-AS- Z2-ETH | 5.4 | Medium | 2021-08-31 |
| CVE-2021-39178 | XSS in Image Optimization API for Next.js versions between 10.0.0 and 11.1.0 — next.js | 7.5 | High | 2021-08-30 |
| CVE-2021-34668 | WordPress Real Media Library <= 4.14.1 Author-only Stored Cross-Site Scripting — WordPress Real Media Library | 6.4 | Medium | 2021-08-30 |
| CVE-2021-3628 | OpenKM Document Management Community vulnerable to Cross Site Scripting — Document Management Community | 4.6 | Medium | 2021-08-30 |
| CVE-2021-27909 | XSS vulnerability on password reset page — Mautic | 6.3 | Medium | 2021-08-30 |
| CVE-2021-27912 | XSS vulnerability on asset view — Mautic | 7.1 | High | 2021-08-30 |
| CVE-2021-27911 | XSS vulnerability on contacts view — Mautic | 8.3 | High | 2021-08-30 |
| CVE-2021-27910 | Stored XSS vulnerability on Bounce Management Callback — Mautic | 8.2 | High | 2021-08-30 |
| CVE-2021-24667 | Gallery Blocks with Lightbox < 2.2.1- Authenticated Stored Cross-Site Scripting — Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery | 5.4 | - | 2021-08-30 |
| CVE-2021-24665 | WP Video Lightbox < 1.9.3 - Contributor+ Stored Cross-Site Scripting — WP Video Lightbox | 5.4 | - | 2021-08-30 |
| CVE-2021-24593 | Business Hours Indicator < 2.3.5 - Authenticated Stored XSS — Business Hours Indicator | 5.4 | - | 2021-08-30 |
| CVE-2021-24592 | Sitewide Notice WP < 2.3 - Authenticated Stored XSS — Sitewide Notice WP | 4.8 | - | 2021-08-30 |
| CVE-2021-24528 | FluentSMTP < 2.0.1 - Authenticated Stored XSS — FluentSMTP – WordPress Mail SMTP, SES, SendGrid, Mailgun and Any SMTP Plugin | 5.4 | - | 2021-08-30 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) represent 21521 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.