Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21517

21517 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-22540 XSS in Dart SDK — Dart SDK 6.1 -2021-04-22
CVE-2021-29459 XSS Cross Site Scripting — xwiki-platform 9.6 Critical2021-04-20
CVE-2021-29434 Improper validation of URLs ('Cross-site Scripting') in Wagtail rich text fields — wagtail 6.1 Medium2021-04-19
CVE-2018-19942 Cross-site Scripting Vulnerability in File Station — QTS 6.1 -2021-04-16
CVE-2021-29448 Stored DOM XSS in Pi-hole Admin Web Interface — AdminLTE 7.6 High2021-04-15
CVE-2021-21087 ColdFusion Improper neutralization of web input during page generation could lead to arbitrary JavaScript execution in the browser — ColdFusion 6.1 -2021-04-15
CVE-2021-29438 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in @nextcloud/dialogs — nextcloud-dialogs 4.6 Medium2021-04-13
CVE-2021-24229 Patreon WordPress < 1.7.2 - Reflected XSS on patreon_save_attachment_patreon_level AJAX action — Patreon WordPress 9.6 -2021-04-12
CVE-2021-24228 Patreon WordPress < 1.7.2 - Reflected XSS on Login Form — Patreon WordPress 9.6 -2021-04-12
CVE-2021-24225 Advanced Booking Calendar < 1.6.7 - Authenticated Reflected Cross-Site Scripting (XSS) — Advanced Booking Calendar 5.4 -2021-04-12
CVE-2021-24213 GiveWP < 2.10.0 - Reflected Cross Site Scripting (XSS) — GiveWP – Donation Plugin and Fundraising Platform 6.1 -2021-04-12
CVE-2021-22510 Jenkins Core 跨站脚本漏洞 — Micro Focus Application Automation Tools Plugin - Jenkins plugin 6.1 -2021-04-08
CVE-2021-1463 Cisco Unified Intelligence Center Reflected Cross-Site Scripting Vulnerability — Cisco Unified Contact Center Express 6.1 Medium2021-04-08
CVE-2021-24211 WordPress Related Posts <= 3.6.4 - Authenticated Stored Cross-Site Scripting (XSS) — WordPress Related Posts 5.4 -2021-04-05
CVE-2021-24201 Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Column Element — Elementor Website Builder 5.4 -2021-04-05
CVE-2021-24202 Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Heading Widget — Elementor Website Builder 5.4 -2021-04-05
CVE-2021-24203 Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Divider Widget — Elementor Website Builder 5.4 -2021-04-05
CVE-2021-24204 Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Accordion Widget — Elementor Website Builder 5.4 -2021-04-05
CVE-2021-24205 Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Icon Box Widget — Elementor Website Builder 5.4 -2021-04-05
CVE-2021-24206 Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Image Box Widget — Elementor Website Builder 5.4 -2021-04-05
CVE-2021-24208 WP Page Builder < 1.2.4 - Multiple Stored Cross-Site scripting (XSS) — WP Page Builder 5.4 -2021-04-05
CVE-2021-24177 WP File Manager < 7.1 - Reflected Cross-Site Scripting (XSS) — File Manager 5.4 -2021-04-05
CVE-2021-24180 Related Posts for WordPress < 2.0.4 - Authenticated Reflected Cross-Site Scripting (XSS) — Related Posts for WordPress 5.4 -2021-04-05
CVE-2021-24187 SEO Redirection < 6.4 - Authenticated Reflected Cross-Site Scripting (XSS) — SEO Redirection Plugin - 301 Redirect Manager 6.1 -2021-04-05
CVE-2021-24196 Social Slider Widget < 1.8.5 - Authenticated Reflected Cross-Site Scripting (XSS) — Social Slider Widget 5.4 -2021-04-05
CVE-2021-24168 Easy Contact Form Pro < 1.1.1.9 - Authenticated Stored Cross-Site Scripting (XSS) — Easy Contact Form Pro 5.4 -2021-04-05
CVE-2021-24169 Advanced Order Export For WooCommerce < 3.1.8 - Reflected Cross-Site Scripting (XSS) — Advanced Order Export For WooCommerce 6.1 -2021-04-05
CVE-2021-24176 JH 404 Logger <= 1.1 - Unauthenticated Stored Cross-Site Scripting (XSS) — JH 404 Logger 5.4 -2021-04-05
CVE-2021-24152 Popup Builder < 3.74 - Authenticated Reflected Cross-Site Scripting (XSS) — Popup Builder – Responsive WordPress Pop up – Subscription & Newsletter 6.1 -2021-04-05
CVE-2021-24153 Yoast SEO < 3.4.1 - Authenticated Stored Cross-Site Scripting (XSS) — Yoast SEO 5.4 -2021-04-05

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21517 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.