Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21521

21521 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-13672 Reflected Cross-Site Scripting discovered in OpenText WSM Management Server. — Web Site Management Server 6.1AIMediumAI2026-02-19
CVE-2026-27440 WordPress myCred plugin <= 2.9.7.6 - Cross Site Scripting (XSS) vulnerability — myCred 6.5 Medium2026-02-19
CVE-2026-27360 WordPress Photo Gallery by 10Web plugin <= 1.8.38 - Cross Site Scripting (XSS) vulnerability — Photo Gallery by 10Web 5.9 Medium2026-02-19
CVE-2026-27013 Fabric.js Affected by Stored XSS via SVG Export — fabric.js 7.6 High2026-02-19
CVE-2026-26193 Open WebUI vulnerable to Stored XSS via iFrame embeds in response messages — open-webui 7.3 High2026-02-19
CVE-2026-26192 Open WebUI vulnerable to Stored XSS via iFrame in citations model — open-webui 7.3 High2026-02-19
CVE-2026-26059 ChurchCRM has Stored Cross-Site Scripting (XSS) in GroupEditor.php — CRM 5.4 -2026-02-19
CVE-2026-23619 GFI MailEssentials AI < 22.4 General Settings Local Domains Domain Description Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23618 GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Subject Condition Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23617 GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Body Condition Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23616 GFI MailEssentials AI < 22.4 Anti-Spam Anti-Spoofing Description Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23615 GFI MailEssentials AI < 22.4 Anti-Spam Sender Policy Framework Email Exceptions Description Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23614 GFI MailEssentials AI < 22.4 Anti-Spam Sender Policy Framework IP Exceptions Description Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23613 GFI MailEssentials AI < 22.4 Anti-Spam URI DNS Blocklist Domain Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23612 GFI MailEssentials AI < 22.4 Anti-Spam IP DNS Blocklist Domain Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23611 GFI MailEssentials AI < 22.4 Anti-Spam IP Blocklist Description Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23610 GFI MailEssentials AI < 22.4 POP2Exchange POP3 Server Login Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23609 GFI MailEssentials AI < 22.4 General Settings Perimeter SMTP Servers Description Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23608 GFI MailEssentials AI < 22.4 Email Management Mail Monitoring Rule Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23607 GFI MailEssentials AI < 22.4 Anti-Spam Whitelist Description Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23606 GFI MailEssentials AI < 22.4 Advanced Content Filtering Rule Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23605 GFI MailEssentials AI < 22.4 Attachment Filtering Rule Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-23604 GFI MailEssentials AI < 22.4 Keyword Filtering Rule Stored XSS — MailEssentials AI 5.4 Medium2026-02-19
CVE-2026-25739 Indico affected by Cross-Site-Scripting via material uploads — indico 5.4 Medium2026-02-19
CVE-2025-71241 SPIP < 4.3.6 Cross-Site Scripting in Private Area — SPIP 6.1 Medium2026-02-19
CVE-2025-71240 SPIP < 4.2.15 Cross-Site Scripting via Code Tags — SPIP 5.4 Medium2026-02-19
CVE-2019-25430 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via vpn_users — Comodo Dome Firewall 6.1 Medium2026-02-19
CVE-2019-25429 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via openvpn_advanced — Comodo Dome Firewall 6.1 Medium2026-02-19
CVE-2019-25428 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via openvpn_users — Comodo Dome Firewall 6.1 Medium2026-02-19
CVE-2019-25427 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via antispyware — Comodo Dome Firewall 6.1 Medium2026-02-19

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21521 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.