Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21519

21519 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-1048 LigeroSmart index.pl cross site scripting — LigeroSmart 3.5 Low2026-01-17
CVE-2025-8615 CubeWP <= 1.1.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via cubewp_shortcode_taxonomy Shortcode — CubeWP Framework 6.4 Medium2026-01-17
CVE-2026-0725 Integrate Dynamics 365 CRM <= 1.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Field Mapping Configuration — Integrate Dynamics 365 CRM 4.4 Medium2026-01-17
CVE-2026-0691 CM E-Mail Blacklist <= 1.6.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'black_email' Parameter — CM E-Mail Blacklist – Simple email filtering for safer registration 4.4 Medium2026-01-17
CVE-2026-0833 Team Section Block <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Social Network Link — Team Section Block – Showcase Team Members with Layout Options 6.4 Medium2026-01-17
CVE-2026-23643 CakePHP PaginatorHelper::limitControl() vulnerable to reflected cross-site-scripting — cakephp 5.4 Medium2026-01-16
CVE-2019-25297 Poll, Survey & Quiz Maker Plugin by Opinion Stage < 19.6.25 Stored XSS — Poll, Survey & Quiz Maker Plugin by Opinion Stage 6.1 -2026-01-16
CVE-2026-23725 WeGIA Stored Cross-Site Scripting (XSS) – nome Parameter on Adopters Information Page — WeGIA 5.4 -2026-01-16
CVE-2026-23724 WeGIA Stored Cross-Site Scripting (XSS) – atendido_idatendido Parameter on Occurrence Registration Page — WeGIA 4.3 Medium2026-01-16
CVE-2026-23722 WeGIA has a Reflected Cross-Site Scripting (XSS) vulnerability allowing arbitrary code execution and UI redressing. — WeGIA 9.1 Critical2026-01-16
CVE-2026-23645 SiYuan Vulnerable to Stored Cross-Site Scripting (XSS) via Unrestricted SVG File Upload — siyuan 5.4 -2026-01-16
CVE-2021-47844 Xmind 2020 - Persistent Cross-Site Scripting — Xmind 6.1 Medium2026-01-16
CVE-2021-47841 SnipCommand 0.1.0 - Persistent Cross-Site Scripting — SnipCommand 6.1 Medium2026-01-16
CVE-2021-47842 StudyMD 0.3.2 - Persistent Cross-Site Scripting — StudyMD 7.2 High2026-01-16
CVE-2021-47840 Moeditor 0.2.0 - Persistent Cross-Site Scripting — Moeditor 7.2 High2026-01-16
CVE-2021-47839 Marky 0.0.1 - Persistent Cross-Site Scripting — Marky 7.2 High2026-01-16
CVE-2021-47837 Markdownify 1.2.0 - Persistent Cross-Site Scripting — Markdownify 7.2 High2026-01-16
CVE-2021-47838 Markright 1.0 - Persistent Cross-Site Scripting — Markright 7.2 High2026-01-16
CVE-2021-47835 Freeter 1.2.1 - Persistent Cross-Site Scripting — Freeter 7.2 High2026-01-16
CVE-2021-47836 Markdown Explorer 0.1.1 - Persistent Cross-Site Scripting — Markdown Explorer 6.1 Medium2026-01-16
CVE-2021-47834 Schlix CMS 2.2.6-6 - 'title' Persistent Cross-Site Scripting (Authenticated) — Schlix CMS 6.4 Medium2026-01-16
CVE-2026-0949 EDB Postgres Enterprise Manager 安全漏洞 — Postgres Enterprise Manager (PEM) 6.5 Medium2026-01-16
CVE-2026-21624 Extension - stackideas.com - Persistent XSS in EasyDiscuss component 1.0.0-5.0.15 for Joomla — EasyDiscuss extension for Joomla 6.1 -2026-01-16
CVE-2026-21623 Extension - stackideas.com - Persistent XSS in EasyDiscuss component 1.0.0-5.0.15 for Joomla — EasyDiscuss extension for Joomla 6.1 -2026-01-16
CVE-2026-0695 Stored XSS in Time Entry Audit Trail — PSA 8.7 High2026-01-16
CVE-2026-0913 User Submitted Posts <= 20260110 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'usp_access' Shortcode — User Submitted Posts – Enable Users to Submit Posts from the Front End 6.4 Medium2026-01-16
CVE-2026-20894 TOA TRIFORA 3 Series 跨站脚本漏洞 — Multiple Network Cameras TRIFORA 3 series 6.1 -2026-01-16
CVE-2025-14375 RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 5.0.10 - Reflected Cross-Site Scripting via className — RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging 6.1 Medium2026-01-16
CVE-2026-0916 Related Posts by Taxonomy <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'related_posts_by_tax' Shortcode — Related Posts by Taxonomy 6.4 Medium2026-01-16
CVE-2026-23769 Lucy-XSS 安全漏洞 — lucy-xss-filter 8.8 -2026-01-16

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21519 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.