CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21498

21498 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2017-16774	Synology DiskStation Manager 跨站脚本漏洞 — DiskStation Manager (DSM)	5.4	-	2019-04-01
CVE-2018-10934	Red Hat JBoss Enterprise Application Platform 跨站脚本漏洞 — wildfly-core	5.4	-	2019-03-27
CVE-2019-3847	Moodle 安全漏洞 — Moodle	4.8	-	2019-03-27
CVE-2019-3826	Prometheus 跨站脚本漏洞 — prometheus	6.1	-	2019-03-26
CVE-2019-7608	Elasticsearch Kibana 跨站脚本漏洞 — Kibana	6.1	-	2019-03-25
CVE-2019-3808	Moodle 跨站脚本漏洞 — moodle	5.4	-	2019-03-25
CVE-2019-3810	Moodle 跨站脚本漏洞 — moodle	6.1	-	2019-03-25
CVE-2015-6462	多款Schneider Electric Modicon PLC产品跨站脚本漏洞 — Schneider Electric Modicon PLC	6.1	-	2019-03-21
CVE-2016-5819	多款Moxa产品跨站脚本漏洞 — OnCell G3100V2 Series	6.1	-	2019-03-21
CVE-2019-1702	Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerabilities — Cisco Enterprise Chat and Email	6.1	-	2019-03-11
CVE-2019-1707	Cisco DNA Center Access Contract Stored Cross-Site Scripting Vulnerability — Cisco Digital Network Architecture Center (DNA Center)	5.4	-	2019-03-11
CVE-2019-3776	Reflected XSS in Pivotal Operations Manager — Pivotal Ops Manager	6.1	-	2019-03-07
CVE-2019-6528	多款PSI GridConnect GmbH产品跨站脚本漏洞 — PSI GridConnect GmbH (formerly known as PSI Nentec GmbH) Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy.	8.1	-	2019-03-05
CVE-2019-6565	多款Moxa产品跨站脚本漏洞 — Moxa IKS, EDS	6.1	-	2019-03-05
CVE-2019-1685	Cisco Unity Connection Reflected Cross-Site Scripting Vulnerability — Cisco Unity Connection	6.1	-	2019-02-21
CVE-2019-1665	Cisco Hyperflex Stored Cross-Site Scripting Vulnerability — Cisco HyperFlex HX-Series	6.1	-	2019-02-21
CVE-2019-1673	Cisco Identity Services Engine Cross-Site Scripting Vulnerability — Cisco Identity Services Engine Software	5.4	-	2019-02-08
CVE-2019-1661	Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability — Cisco TelePresence Management Suite (TMS)	6.1	-	2019-02-07
CVE-2019-1670	Cisco Unified Intelligence Center Software Cross-Site Scripting Vulnerability — Cisco Unified Contact Center Express	6.1	-	2019-02-07
CVE-2019-1671	Cisco Firepower Management Center Cross-Site Scripting Vulnerability — Cisco Firepower Management Center	6.1	-	2019-02-07
CVE-2019-1677	Cisco Webex Meetings for Android Cross-Site Scripting Vulnerability — Cisco WebEx Meetings for Android	4.6	-	2019-02-07
CVE-2018-16480	public module 跨站脚本漏洞 — public	6.1	-	2019-02-01
CVE-2018-16481	html-page 跨站脚本漏洞 — html-pages	6.1	-	2019-02-01
CVE-2018-16484	m-server 跨站脚本漏洞 — m-server	5.4	-	2019-02-01
CVE-2019-3911	LabKey Server 跨站脚本漏洞 — LabKey Server Community Edition	6.1	-	2019-01-30
CVE-2018-18985	TRIDIUM Niagara Enterprise Security、Niagara AX和Niagara 跨站脚本漏洞 — Tridium Niagara Enterprise Security 2.3u1, all versions prior to 2.3.118.6, Niagara AX 3.8u4, all versions prior to 3.8.401.1, Niagara 4.4u2, all versions prior to 4.4.93.40.2, and Niagara 4.6, all versions prior to 4.6.96.28.4	5.4	-	2019-01-29
CVE-2019-1655	Cisco Webex Meetings Server Cross-Site Scripting Vulnerability — Cisco WebEx Meetings Server	6.1	-	2019-01-24
CVE-2019-1668	Cisco SocialMiner Chat Feed Cross-Site Scripting Vulnerability — Cisco SocialMiner	6.1	-	2019-01-24
CVE-2019-1642	Cisco Firepower Management Center Cross-Site Scripting Vulnerability — Cisco Firepower Management Center	6.1	-	2019-01-23
CVE-2019-1643	Cisco Prime Infrastructure Cross-Site Scripting Vulnerability — Cisco Prime Infrastructure	6.1	-	2019-01-23

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21498 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21498