Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21519

21519 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-24346 Stock in & out <= 1.0.4 - Reflected Cross-Site Scripting (XSS) — Stock in & out 5.4 -2021-06-14
CVE-2021-20293 Red Hat Resteasy 跨站脚本漏洞 — RESTEasy 6.1 -2021-06-10
CVE-2021-23854 Reflected XSS in page parameter — CPP Firmware 8.3 High2021-06-09
CVE-2021-23848 Reflected XSS in URL handler — CPP Firmware 8.3 High2021-06-09
CVE-2021-31832 Cross site scripting vulnerability in DLP Endpoint for Windows — McAfee Data Loss Prevention (DLP) Endpoint for Windows 5.2 Medium2021-06-09
CVE-2021-32671 XSS vulnerability with translator — core 10.0 Critical2021-06-07
CVE-2021-32670 Reflected cross-site scripting issue in Datasette — datasette 7.2 High2021-06-07
CVE-2021-24342 JNews < 8.0.6 - Reflected Cross-Site Scripting (XSS) — JNews 6.1 -2021-06-07
CVE-2021-24343 iFlyChat – WordPress Chat < 4.7.0 - Admin+ Stored Cross-Site Scripting (XSS) — iFlyChat – WordPress Chat 5.4 -2021-06-07
CVE-2021-24344 Easy Preloader <= 1.0.0 - Authenticated Stored Cross-Site Scripting (XSS) — Easy Preloader 4.8 -2021-06-07
CVE-2021-32641 Reflected XSS when using flashMessages — lock 8.1 High2021-06-04
CVE-2021-31830 Cross site Scripting (XSS) vulnerability in McAfee DBSec — McAfee Database Security (DBSec) 5.9 Medium2021-06-03
CVE-2021-28807 Post-Authentication Reflected XSS Vulnerability in Q'center — Q’center 7.7 High2021-06-03
CVE-2021-28806 DOM-Based XSS Vulnerability in QTS and QuTS hero — QTS 5.7 Medium2021-06-03
CVE-2021-3529 nooba -core 跨站脚本漏洞 — noobaa-core 7.1 -2021-06-02
CVE-2021-24322 Database Backup for WordPress < 2.4 - Authenticated Persistent Cross-Site Scripting (XSS) — Database Backup for WordPress 5.4 -2021-06-01
CVE-2021-24329 WP Super Cache < 1.7.3 - Authenticated Stored Cross-Site Scripting (XSS) — WP Super Cache 5.4 -2021-06-01
CVE-2021-24330 Funnel Builder by CartFlows < 1.6.13 - Authenticated Stored XSS via FB Pixel ID and Google Analytics ID — Funnel Builder by CartFlows – Create High Converting Sales Funnels For WordPress 4.8 -2021-06-01
CVE-2021-24331 Smooth Scroll Page Up/Down Buttons < 1.4 - Authenticated Stored XSS — Smooth Scroll Page Up/Down Buttons 4.8 -2021-06-01
CVE-2021-24334 Instant Images WordPress Plugin < 4.4.0.1 - Authenticated Stored XSS & XFS — Instant Images – One Click Unsplash Uploads 6.1 -2021-06-01
CVE-2021-24335 Car Repair Services < 4.0 - Unauthenticated Reflected XSS & XFS — Car Repair Services & Auto Mechanic 6.1 -2021-06-01
CVE-2021-24313 WP Prayer < 1.6.2 - Authenticated Stored Cross-Site Scripting (XSS) — WP Prayer 5.4 -2021-06-01
CVE-2021-24316 Mediumish <= 1.0.47 - Unauthenticated Reflected Cross-Site Scripting (XSS) — Mediumish 6.1 -2021-06-01
CVE-2021-24317 Listeo < 1.6.11 - Multiple XSS & XFS vulnerabilities — Listeo 6.1 -2021-06-01
CVE-2021-24319 Bello < 1.6.0 - Authenticated Cross-Site Scripting (XSS) and XFS — Bello - Directory & Listing 5.4 -2021-06-01
CVE-2021-24320 Bello < 1.6.0 - Unauthenticated Reflected XSS & XFS — Bello - Directory & Listing 7.2 -2021-06-01
CVE-2021-24309 Weekly Schedule < 3.4.3 - Authenticated Stored XSS — Weekly Schedule 5.4 -2021-06-01
CVE-2021-24310 Photo Gallery < 1.5.67 - Authenticated Stored Cross-Site Scripting via Gallery Title — Photo Gallery by 10Web – Mobile-Friendly Image Gallery 4.8 -2021-06-01
CVE-2021-32616 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in 1CDN — cdn 8.1 High2021-05-28
CVE-2020-25715 pki-core 跨站脚本漏洞 — pki-core 6.1 -2021-05-28

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21519 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.