Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21519

21519 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-32818 Remote code execution and Reflected cross site scripting in haml-coffee — haml-coffee 7.7 High2021-05-14
CVE-2021-24286 Redirect 404 to Parent < 1.3.1 - Reflected Cross-Site Scripting (XSS) — Redirect 404 to parent 6.1 -2021-05-14
CVE-2021-24287 Select All Categories and Taxonomies < 1.3.2 - Reflected Cross-Site Scripting (XSS) — Select All Categories and Taxonomies, Change Checkbox to Radio Buttons 6.1 -2021-05-14
CVE-2021-24291 Photo Gallery < 1.5.69 - Multiple Reflected Cross-Site Scripting (XSS) — Photo Gallery by 10Web – Mobile-Friendly Image Gallery 6.1 -2021-05-14
CVE-2021-24283 Accordion < 2.2.30 - Authenticated Reflected Cross-Site Scripting (XSS) — Accordion 6.1 -2021-05-14
CVE-2021-24277 RSS for Yandex Turbo < 1.30 - Authenticated Stored Cross-Site Scripting (XSS) — RSS for Yandex Turbo 5.4 -2021-05-14
CVE-2021-20994 WAGO: Managed Switches: Reflected Cross-site Scripting — 0852-0303 8.8 High2021-05-13
CVE-2021-32544 Intelligent global technology Ltd, igt+ - DOM-based Cross-Site Scripting — igt+ 5.4 Medium2021-05-11
CVE-2021-30174 RiyaLab Co., Ltd. CloudISO - Stored XSS — CloudISO 5.4 Medium2021-05-11
CVE-2021-30172 Jun-He Technology Ltd. Quan-Fang-Wei-Tong-Xun system - Reflected XSS — Quan-Fang-Wei-Tong-Xun system 4.6 Medium2021-05-07
CVE-2021-30171 Jun-He Technology Ltd. ERP POS - Stored XSS-2 — ERP POS 4.6 Medium2021-05-07
CVE-2021-30170 Jun-He Technology Ltd. ERP POS - Stored XSS-1 — ERP POS 4.6 Medium2021-05-07
CVE-2021-1507 Cisco SD-WAN vManage API Stored Cross-Site Scripting Vulnerability — Cisco SD-WAN vManage 6.4 Medium2021-05-06
CVE-2021-1490 Cisco Web Security Appliance Cross-Site Scripting Vulnerability — Cisco Web Security Appliance (WSA) 4.7 Medium2021-05-06
CVE-2021-24246 WorkScout Core < 1.3.4 - Authenticated Stored XSS & XFS — Workscout Core 5.4 -2021-05-05
CVE-2021-24247 Contact Form Check Tester <= 1.0.2 - Broken Access Control to Cross-Site Scripting (XSS) — Contact Form Check Tester 5.4 -2021-05-05
CVE-2021-24250 Business Directory Plugin < 5.11.2 - Authenticated Stored Cross-Site Scripting — Business Directory Plugin – Easy Listing Directories for WordPress 5.4 -2021-05-05
CVE-2021-24214 OpenID Connect Generic Client 3.8.0-3.8.1 - Reflected Cross Site Scripting (XSS) via Login Error — OpenID Connect Generic Client 6.1 -2021-05-05
CVE-2021-24243 WPBakery Page Builder Clipboard < 4.5.6 - Subscriber+ Stored Cross-Site Scripting (XSS) — WPBakery Page Builder (Visual Composer) Clipboard 5.4 -2021-05-05
CVE-2021-24245 Stop Spammers < 2021.9 - Reflected Cross-Site Scripting (XSS) — Stop Spammers 6.1 -2021-05-05
CVE-2021-24274 Ultimate Maps by Supsystic < 1.2.5 - Reflected Cross-Site scripting (XSS) — Ultimate Maps by Supsystic 6.1 -2021-05-05
CVE-2021-24275 Popup by Supsystic < 1.10.5 - Reflected Cross-Site scripting (XSS) — Popup by Supsystic 6.1 -2021-05-05
CVE-2021-24276 Contact Form by Supsystic < 1.7.15 - Reflected Cross-Site scripting (XSS) — Contact Form by Supsystic 6.1 -2021-05-05
CVE-2021-24293 NextGEN Gallery Pro < 3.1.11 - Reflected Cross-Site Scripting (XSS) — NextGen Gallery Pro 6.1 -2021-05-05
CVE-2021-24265 Rife Elementor Extensions & Templates < 1.1.6 - Contributor+ Stored XSS — Rife Elementor Extensions & Templates 5.4 -2021-05-05
CVE-2021-24266 The Plus Addons for Elementor Page Builder Lite < 2.0.6 - Contributor+ Stored XSS — The Plus Addons for Elementor Page Builder Lite 5.4 -2021-05-05
CVE-2021-24267 All-in-One Addons for Elementor - WidgetKit < 2.3.10 - Contributor+ Stored XSS — All-in-One Addons for Elementor – WidgetKit 5.4 -2021-05-05
CVE-2021-24268 JetWidgets For Elementor < 1.0.9 - Contributor+ Stored XSS — JetWidgets For Elementor 5.4 -2021-05-05
CVE-2021-24269 Sina Extension for Elementor < 3.3.12 - Contributor+ Stored XSS — Sina Extension for Elementor 5.4 -2021-05-05
CVE-2021-24270 DethemeKit For Elementor < 1.5.5.5 - Contributor+ Stored XSS — DethemeKit For Elementor 5.4 -2021-05-05

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21519 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.