Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21506

21506 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-21358 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form — TYPO3.CMS 5.4 Medium2021-03-23
CVE-2021-27436 研华 Advantech WebAccess/SCADA 跨站脚本漏洞 — Advantech WebAccess/SCADA 6.1 -2021-03-18
CVE-2021-21383 XSS in Wiki.js — wiki 7.6 High2021-03-18
CVE-2021-24147 Modern Events Calendar Lite < 5.16.5 - Authenticated Stored Cross-Site Scripting (XSS) — Modern Events Calendar Lite 5.4 -2021-03-18
CVE-2021-24134 Constant Contact Forms < 1.8.8 - Multiple Authenticated Stored XSS — Constant Contact Forms 4.8 -2021-03-18
CVE-2021-24135 WP Customer Reviews < 3.4.3 - Multiple Unauthenticated and Low Priv Authenticated Stored XSS — WP Customer Reviews 5.4 -2021-03-18
CVE-2021-24136 Testimonials Widget < 4.0.0 - Multiple Authenticated Stored XSS — Testimonials Widget 5.4 -2021-03-18
CVE-2021-24124 WP Shieldon 1.6.3 - Unauthenticated Cross-Site Scripting (XSS) — WP Shieldon 6.1 -2021-03-18
CVE-2021-24126 Envira Gallery Lite < 1.8.3.3 - Authenticated Stored Cross-Site Scripting — Envira Gallery Lite 5.4 -2021-03-18
CVE-2021-24127 ThirstyAffiliates < 3.9.3 - Authenticated Stored XSS — ThirstyAffiliates 5.4 -2021-03-18
CVE-2021-24128 Team Members < 5.0.4 - Authenticated Stored Cross-Site Scripting (XSS) — Team Members 5.4 -2021-03-18
CVE-2021-24129 Themify Portfolio Post < 1.1.6 - Authenticated Stored Cross-Site Scripting — Themify Portfolio Post 5.4 -2021-03-18
CVE-2019-18233 Advantech Spectre RT ERT351 firmware 跨站脚本漏洞 — Advantech Spectre RT Industrial Routers ERT351 6.1 -2021-03-17
CVE-2021-20280 Moodle 跨站脚本漏洞 — moodle 5.4 -2021-03-15
CVE-2021-20279 Moodle 跨站脚本漏洞 — moodle 5.4 -2021-03-15
CVE-2021-28161 Eclipse Theia 跨站脚本漏洞 — Eclipse Theia 6.1 -2021-03-12
CVE-2021-21080 Adobe Connect Reflected Cross-site Scripting via query parameter — Connect 6.1 -2021-03-12
CVE-2021-21079 Adobe Connect Reflected Cross-site Scripting via archiveOffset parameter — Connect 6.1 -2021-03-12
CVE-2020-13959 Velocity Tools XSS Vulnerability — Apache Velocity Tools 6.1 -2021-03-10
CVE-2021-21325 Stored XSS in budget type — glpi 6.2 Medium2021-03-08
CVE-2020-29028 Reflected XSS issues — GateManager 6.3 Medium2021-03-05
CVE-2021-27907 Apache Superset stored XSS on Dashboard markdown — Apache Superset 5.4 -2021-03-05
CVE-2021-25313 Rancher: XSS on /v3/cluster/ — Rancher 7.1 High2021-03-05
CVE-2021-21314 XSS injection on ticket update — glpi 5.4 Medium2021-03-03
CVE-2021-21312 Stored XSS on documents — glpi 5.4 Medium2021-03-03
CVE-2021-22878 Nextcloud Server 跨站脚本漏洞 — Nextcloud Server 6.1 -2021-03-03
CVE-2020-12530 MB CONNECT LINE mymbCONNECT24 跨站脚本漏洞 — mymbCONNECT24 4.3 Medium2021-03-02
CVE-2021-21258 XSS injection in ajax/kanban — glpi 6.8 Medium2021-03-02
CVE-2020-1936 Stored XSS in Apache Ambari — Apache Ambari 6.1 -2021-03-02
CVE-2021-21515 Dell EMC SourceOne 跨站脚本漏洞 — SourceOne 9.0 Critical2021-03-01

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21506 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.