CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21520

21520 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2021-24437	Favicon by RealFaviconGenerator <= 1.3.20 - Reflected Cross-Site Scripting (XSS) — Favicon by RealFaviconGenerator	6.1	-	2021-08-30
CVE-2021-39169	XSS vulnerability using dialog — misskey	8.0	High	2021-08-27
CVE-2021-39161	Cross-site scripting via category name in Discourse — discourse	4.4	Medium	2021-08-26
CVE-2021-1582	Cisco Application Policy Infrastructure Controller Stored Cross-Site Scripting Vulnerability — Cisco Application Policy Infrastructure Controller (APIC)	5.4	Medium	2021-08-25
CVE-2021-39136	Cross-site scripting vulnerability in file upload — basercms	8.7	High	2021-08-25
CVE-2021-28628	Adobe Experience Manager Cross-site Scripting vulnerability in inbox render.jsp — Experience Manager	6.3	Medium	2021-08-24
CVE-2021-28625	Adobe Experience Manager Cross-site Scripting vulnerability in inbox workitem.jsp — Experience Manager	6.3	Medium	2021-08-24
CVE-2021-3694	Cross-site Scripting (XSS) - Reflected in ledgersmb/ledgersmb — ledgersmb/ledgersmb	8.2	High	2021-08-23
CVE-2021-3693	Cross-site Scripting (XSS) - DOM in ledgersmb/ledgersmb — ledgersmb/ledgersmb	8.8	High	2021-08-23
CVE-2021-24658	Erident Custom Login and Dashboard < 3.5.9 - Authenticated Stored Cross-Site Scripting (XSS) — Erident Custom Login and Dashboard	4.8	-	2021-08-23
CVE-2021-24574	Simple Banner < 2.10.4 - Authenticated Stored XSS — Simple Banner	4.8	-	2021-08-23
CVE-2021-24571	HD Quiz < 1.8.4 - Authenticated Stored XSS — HD Quiz	5.4	-	2021-08-23
CVE-2021-24565	Contact Form 7 Captcha < 0.0.9 - CSRF to Stored XSS — Contact Form 7 Captcha	7.1	-	2021-08-23
CVE-2021-24564	WPFront Scroll Top < 2.0.6.07225 - Authenticated Stored XSS — WPFront Scroll Top	5.4	-	2021-08-23
CVE-2021-24561	WP SMS < 5.4.13 - Authenticated Stored Cross-Site Scripting — WP SMS	5.4	-	2021-08-23
CVE-2021-24558	Project Status <= 1.6 - Reflected Cross-Site Scripting (XSS) — Project Status	4.8	-	2021-08-23
CVE-2021-24556	Email Subscriber <= 1.1 - Unauthenticated Stored Cross-Site Scripting (XSS) — Email Subscriber	6.1	-	2021-08-23
CVE-2021-24547	KN Fix Your Title <= 1.0.1 - Authenticated Stored XSS — KN Fix Your Title	5.4	-	2021-08-23
CVE-2021-24533	Maintenance < 4.03 - Authenticated Stored XSS — Maintenance	4.8	-	2021-08-23
CVE-2021-24529	Grid Gallery < 1.2.5 - Authenticated Stored Cross Site Scripting (XSS) — Grid Gallery – Photo Image Grid Gallery	5.4	-	2021-08-23
CVE-2021-24531	Charitable – Donation Plugin < 1.6.51 - Authenticated Stored Cross-Site Scripting (XSS) — Charitable – Donation Plugin	5.4	-	2021-08-23
CVE-2021-24524	GiveWP < 2.12.0 - Authenticated Stored XSS — GiveWP – Donation Plugin and Fundraising Platform	4.8	-	2021-08-23
CVE-2021-24486	Simple Social Media Share Buttons < 3.2.3 - Contributor+ Stored XSS — Simple Social Media Share Buttons – Social Sharing for Everyone	5.4	-	2021-08-23
CVE-2021-3619	Rapid7 Velociraptor Notebooks Authenticated Persistent XSS — Velociraptor	3.5	Low	2021-08-17
CVE-2021-37710	Cross-Site Scripting via SVG media files — platform	8.0	High	2021-08-16
CVE-2021-38315	SP Project & Document Manager <= 4.25 Reflected Cross-Site Scripting — SP Project & Document Manager	6.1	Medium	2021-08-16
CVE-2021-34641	SEOPress <= 5.0.0 – 5.0.3 Authenticated Stored Cross-Site Scripting — SEOPress	6.4	Medium	2021-08-16
CVE-2021-22936	Pulse Secure Pulse Connect Secure 跨站脚本漏洞 — Pulse Connect Secure	6.1	-	2021-08-16
CVE-2021-34667	Calendar_plugin <= 1.0 Reflected Cross-Site Scripting — Calendar_plugin	6.1	Medium	2021-08-16
CVE-2021-34666	Add Sidebar <= 2.0.0 Reflected Cross-Site Scripting — Add Sidebar	6.1	Medium	2021-08-16

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21520 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21520