Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21506

21506 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-34822 Endian Firewall /manage/ca/certificate/ new_cert_name Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34821 Endian Firewall /manage/vpnauthentication/user/ remark Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34820 Endian Firewall /manage/ipsec/ remark Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34819 Endian Firewall /cgi-bin/openvpnclient.cgi REMARK Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34818 Endian Firewall /manage/dnsmasq/localdomains/ remark Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34817 Endian Firewall /cgi-bin/smtprouting.cgi ADDRESS BCC Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34816 Endian Firewall /manage/smtpscan/domainrouting/ domain Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34815 Endian Firewall /cgi-bin/smtpdomains.cgi DOMAIN Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34814 Endian Firewall /cgi-bin/proxygroup.cgi group Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34812 Endian Firewall /cgi-bin/proxypolicy.cgi mimetypes Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34813 Endian Firewall /cgi-bin/proxyuser.cgi user Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34811 Endian Firewall /cgi-bin/xtaccess.cgi remark Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34810 Endian Firewall /cgi-bin/vpnfw.cgi remark Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34809 Endian Firewall /cgi-bin/zonefw.cgi remark Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34808 Endian Firewall /cgi-bin/outgoingfw.cgi remark Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34807 Endian Firewall /cgi-bin/incoming.cgi remark Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34806 Endian Firewall /cgi-bin/snat.cgi remark Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34805 Endian Firewall /cgi-bin/dnat.cgi remark Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34804 Endian Firewall /manage/qos/rules/ dscp Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34803 Endian Firewall /manage/qos/classes/ name Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34801 Endian Firewall /manage/dhcp/fixed_leases/ remark Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34802 Endian Firewall /cgi-bin/salearn.cgi remark user ham spam Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34800 Endian Firewall /cgi-bin/uplinkeditor.cgi NAME Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34799 Endian Firewall /manage/dnsmasq/hosts/ remark Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-34798 Endian Firewall /cgi-bin/routing.cgi remark Stored Cross-Site Scripting — Endian Firewall 6.4 Medium2026-04-02
CVE-2026-2737 Possibility of unintended actions when an administrator clicks a malicious link in the Progress Flowmon web application — Flowmon 8.3AIHighAI2026-04-02
CVE-2026-5332 Xiaopi Panel WAF Firewall demo.php cross site scripting — Panel 3.5 Low2026-04-02
CVE-2026-34890 WordPress MSTW League Manager plugin <= 2.10 - Cross Site Scripting (XSS) vulnerability — MSTW League Manager 6.5 Medium2026-04-02
CVE-2026-29136 CA Notification HTML Injection — Secure Email Gateway 5.4AIMediumAI2026-04-02
CVE-2026-5325 SourceCodester Simple Customer Relationship Management System Create Ticket create-ticket.php cross site scripting — Simple Customer Relationship Management System 3.5 Low2026-04-02

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21506 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.