Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21520

21520 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-32792 XSS vulnerability when using OIDCPreservePost On in mod_auth_openidc — mod_auth_openidc 3.1 Low2021-07-26
CVE-2020-7390 Sage X3 Syracuse Persistent XSS in Edit User page — X3 4.6 Medium2021-07-22
CVE-2021-1599 Cisco Unified Customer Voice Portal Cross-Site Scripting Vulnerability — Cisco Unified Customer Voice Portal (CVP) 5.4 Medium2021-07-22
CVE-2021-32745 Reflected Cross-Site-Scripting vulnerability — online 7.3 High2021-07-21
CVE-2021-22723 EVlink City、EVlink Parking 跨站脚本漏洞 — EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) 5.4 -2021-07-21
CVE-2021-22722 多款Schneider Electric产品跨站脚本漏洞 — EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) 5.4 -2021-07-21
CVE-2021-22706 EVlink City、EVlink Parking 和 EVlink Smart Wallbox 跨站脚本漏洞 — EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) 5.4 -2021-07-21
CVE-2021-32669 Cross-Site Scripting in Backend Grid View — TYPO3.CMS 6.4 Medium2021-07-20
CVE-2021-32668 Cross-Site Scripting in Query Generator & Query View — TYPO3.CMS 6.4 Medium2021-07-20
CVE-2021-32667 Cross-Site Scripting in Page Preview — TYPO3.CMS 6.4 Medium2021-07-20
CVE-2021-24482 Related Posts for WordPress <= 2.0.4 - Authenticated Stored XSS & XFS — Related Posts for WordPress 4.8 -2021-07-19
CVE-2021-24452 W3 Total Cache < 2.1.5 - Reflected XSS in Extensions Page (JS Context) — W3 Total Cache 6.1 -2021-07-19
CVE-2021-24436 W3 Total Cache < 2.1.4 - Reflected XSS in Extensions Page (Attribute Context) — W3 Total Cache 6.1 -2021-07-19
CVE-2021-21803 Advantech R-SeeNet 跨站脚本漏洞 — Advantech 6.1 -2021-07-16
CVE-2021-21802 Advantech R-SeeNet 跨站脚本漏洞 — Advantech 6.1 -2021-07-16
CVE-2021-21801 Advantech R-SeeNet 跨站脚本漏洞 — Advantech 6.1 -2021-07-16
CVE-2021-21800 Advantech R-SeeNet 跨站脚本漏洞 — Advantech 6.1 -2021-07-16
CVE-2021-21799 Advantech R-SeeNet 跨站脚本漏洞 — Advantech 6.1 -2021-07-16
CVE-2021-32764 YouTube Onebox susceptible to XSS — discourse 8.1 High2021-07-15
CVE-2021-3043 Prisma Cloud: Cross-Site Scripting (XSS) Vulnerability in Prisma Cloud Compute Web Console — Prisma Cloud Compute 7.5 High2021-07-15
CVE-2021-33710 Siemens Teamcenter Active Workspace 跨站脚本漏洞 — Teamcenter Active Workspace V4 6.1 -2021-07-13
CVE-2021-32733 XSS in Nextcloud Text application — security-advisories 4.8 Medium2021-07-12
CVE-2021-24454 YOP Poll < 6.2.8 - Stored Cross-Site Scripting — YOP Poll 6.1 -2021-07-12
CVE-2021-24440 Sign-up Sheets < 1.0.14 - Authenticated Stored Cross-Site Scripting (XSS) — Sign-up Sheets 4.8 -2021-07-12
CVE-2021-24439 Browser Screenshots < 1.7.6 - Contributor+ Stored XSS — Browser Screenshots 5.4 -2021-07-12
CVE-2021-24434 Glass <= 1.3.2 - CSRF to Stored Cross-Site Scripting (XSS) — Glass 6.1 -2021-07-12
CVE-2021-24429 Salon Booking System < 6.3.1 - Unauthenticated Stored Cross-Site Scripting (XSS) — Salon booking system 5.4 -2021-07-12
CVE-2021-24426 Backup by 10Web <= 1.0.20 - Reflected Cross-Site Scripting (XSS) — Backup by 10Web – Backup and Restore Plugin 4.8 -2021-07-12
CVE-2021-24427 W3 Total Cache < 2.1.3 - Authenticated Stored XSS — W3 Total Cache 4.8 -2021-07-12
CVE-2021-24424 WP Reset < 1.90 - Authenticated Stored XSS — WP Reset – Most Advanced WordPress Reset Tool 4.8 -2021-07-12

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21520 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.