Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21500

21500 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2020-8176 koa-shopify-auth 跨站脚本漏洞 — koa-shopify-auth 6.1 -2020-07-02
CVE-2020-4061 Cross-site Scripting in OctoberPotential self-XSS when pasting content from malicious websites — October 3.7 Low2020-07-02
CVE-2020-15083 Reflected XSS when uploading an image in the Product page in PrestaShop — PrestaShop 4.7 Medium2020-07-02
CVE-2020-11074 Stored XSS in PrestaShop — PrestaShop 5.4 Medium2020-07-02
CVE-2020-3282 Cisco Unified Communications Products Cross-Site Scripting Vulnerability — Cisco Unity Connection 6.1 -2020-07-02
CVE-2020-3340 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities — Cisco Identity Services Engine Software 4.8 -2020-07-02
CVE-2020-7354 Rapid7 Metasploit Pro Stored XSS in 'host' field — Metasploit Pro 6.1 Medium2020-06-25
CVE-2020-7355 Rapid7 Metasploit Pro Stored XSS in 'notes' field — Metasploit Pro 6.1 Medium2020-06-25
CVE-2020-12021 OSIsoft PI Web API 跨站脚本漏洞 — OSIsoft PI Web API 2019 7.6 -2020-06-23
CVE-2019-3865 Red Hat Quay 跨站脚本漏洞 — quay 4.8 -2020-06-22
CVE-2020-4070 Cross-site Scripting in CSS Validator — CSS Validator 4.6 Medium2020-06-22
CVE-2020-3356 Cisco Data Center Network Manager Stored Cross-Site Scripting Vulnerability — Cisco Data Center Network Manager 6.1 -2020-06-18
CVE-2020-3355 Cisco Data Center Network Manager Stored Cross-Site Scripting Vulnerability — Cisco Data Center Network Manager 4.8 -2020-06-18
CVE-2020-3354 Cisco Data Center Network Manager Stored Cross-Site Scripting Vulnerability — Cisco Data Center Network Manager 4.8 -2020-06-18
CVE-2020-4054 Cross-site Scripting in Sanitize — Sanitize 7.3 High2020-06-16
CVE-2020-4052 Stored XSS through template injection in Wiki.js — Wiki.js 6.3 Medium2020-06-16
CVE-2020-4051 XSS in Dijit Editor's LinkDialog plugin — dijit 3.7 Low2020-06-15
CVE-2020-4041 The filename of uploaded files vulnerable to stored XSS in Bolt CMS — bolt 7.4 High2020-06-08
CVE-2020-4038 Reflected XSS in GraphQL Playground — graphql-playground 7.4 High2020-06-08
CVE-2020-7015 Elasticsearch Kibana 跨站脚本漏洞 — Kibana 5.4 -2020-06-03
CVE-2020-3233 Cisco IOx Application Framework Local Manager Stored Cross-Site Scripting Vulnerability — Cisco IOx 5.4 -2020-06-03
CVE-2020-11082 Cross-Site Scripting in Kaminari — Kaminari 6.4 Medium2020-05-28
CVE-2020-8170 Ubiquiti Networks AirOS 跨站脚本漏洞 — AirMax AirOS for TI, XW and XM boards 6.1 -2020-05-26
CVE-2020-7809 Estsoft ALSong DOM-Based XSS Vulnerability — Estsoft 4.4 Medium2020-05-15
CVE-2020-11065 Cross-Site Scripting in TYPO3 CMS — TYPO3 CMS 5.4 Medium2020-05-13
CVE-2020-11064 Cross-Site Scripting in TYPO3 CMS — TYPO3 CMS 5.4 Medium2020-05-13
CVE-2020-2017 PAN-OS: DOM-Based cross site scripting vulnerability in management web interface — PAN-OS 8.8 High2020-05-13
CVE-2020-2005 PAN-OS: GlobalProtect Clientless VPN session hijacking — PAN-OS 7.1 High2020-05-13
CVE-2020-11070 Cross-Site Scripting in SVG Sanitizer — svg_sanitizer 5.4 Medium2020-05-13
CVE-2020-8020 Persistent XSS in markdown parser used by obs-server — open-build-service 6.5 Medium2020-05-13

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21500 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.