Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21519

21519 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-24420 Request a Quote < 2.3.4 - Authenticated Stored XSS — Request a Quote 5.4 -2021-07-12
CVE-2021-24419 WP YouTube Lyte < 1.7.16 - Authenticated Stored XSS — WP YouTube Lyte 4.8 -2021-07-12
CVE-2021-24418 Smooth Scroll Page Up/Down Buttons <= 1.4 - Authenticated Stored XSS via psb_positioning — Smooth Scroll Page Up/Down Buttons 4.8 -2021-07-12
CVE-2021-24409 Prismatic < 2.8 - Reflected Cross-Site Scripting (XSS) — Prismatic 6.1 -2021-07-12
CVE-2021-24408 Prismatic < 2.8 - Contributor+ Stored XSS — Prismatic 5.4 -2021-07-12
CVE-2021-24365 Admin Columns Free (< 4.3.2) & Pro (< 5.5.2) - Authenticated Stored Cross-Site Scripting (XSS) in Custom Field — Admin Columns 5.4 -2021-07-12
CVE-2021-29104 There is a stored Cross Site Scripting (XXS) vulnerability in ArcGIS Server Manager version 10.8.1 and below. — ArcGIS Server 6.1 -2021-07-11
CVE-2021-29103 There is a reflected Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server version 10.8.1 and below. — ArcGIS Server 6.1 -2021-07-11
CVE-2021-29105 There is a stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server Services Directory version 10.8.1 and below. — ArcGIS Server 5.4 -2021-07-11
CVE-2021-29106 There is a reflected Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server version 10.8.1 and below. — ArcGIS Server 6.1 -2021-07-10
CVE-2021-29107 There is a stored Cross Site Scripting (XXS) vulnerability in ArcGIS Server Manager version 10.8.1 and below. — ArcGIS Server 6.1 -2021-07-10
CVE-2021-1607 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities — Cisco Identity Services Engine Software 4.8 Medium2021-07-08
CVE-2021-1606 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities — Cisco Identity Services Engine Software 4.8 Medium2021-07-08
CVE-2021-1605 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities — Cisco Identity Services Engine Software 4.8 Medium2021-07-08
CVE-2021-1604 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities — Cisco Identity Services Engine Software 4.8 Medium2021-07-08
CVE-2021-1603 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities — Cisco Identity Services Engine Software 4.8 Medium2021-07-08
CVE-2021-1575 Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability — Cisco Virtualized Voice Browser 6.1 Medium2021-07-08
CVE-2021-34625 WP Upload Restriction <= 2.2.3 - Authenticated Stored Cross-Site Scripting — WP Upload Restriction 6.4 Medium2021-07-07
CVE-2021-24494 WP Offload SES Lite < 1.4.5 - Stored Cross-Site Scripting (XSS) — WP Offload SES Lite 5.4 -2021-07-06
CVE-2021-24407 Jannah < 5.4.5 - Reflected Cross-Site Scripting (XSS) — Jannah 6.1 -2021-07-06
CVE-2021-24389 FoodBakery < 2.2 - Reflected Cross-Site Scripting (XSS) — WP Foodbakery 6.1 -2021-07-06
CVE-2021-24387 Real Estate 7 < 3.1.1 - Reflected Cross-Site Scripting (XSS) — WP Pro Real Estate 7 6.1 -2021-07-06
CVE-2021-24388 Vik Rent Car < 1.1.7 - CSRF to Stored XSS — VikRentCar Car Rental Management System 5.4 -2021-07-06
CVE-2021-24386 WP SVG Images < 3.4 - Authenticated (author+) Stored XSS via SVG — WP SVG images 5.4 -2021-07-06
CVE-2021-33192 Display information UI XSS — Apache Jena Fuseki 6.1 -2021-07-05
CVE-2021-32737 XSS Injection in Media Collection Title was possible — sulu 8.4 High2021-07-02
CVE-2020-36194 XSS Vulnerability in QTS and QuTS heroCommand Injection Vulnerabilities in QTS and QuTS hero — QTS 6.1 Medium2021-07-01
CVE-2021-21084 Adobe Experience Manager stored cross-site scripting vulnerability in resource resolver factory could lead to arbitrary code execution — Experience Manager 7.3 High2021-06-28
CVE-2021-28556 Magento Commerce DOM-based cross-site scripting (XSS) could lead to arbitrary javascript execution — Magento Commerce 6.9 Medium2021-06-28
CVE-2021-21004 Cross-site Scripting Vulnerability in Phoenix Contact FL SWITCH SMCS series products — FL SWITCH 7.4 High2021-06-25

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21519 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.