CWE-79 在Web页面生成时对输入的转义处理不恰当(跨站脚本) 类弱点 21538 条 CVE 漏洞汇总,含 AI 中文分析。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2022-46670 | Rockwell Automation MicroLogix 1100 和 MicroLogix 1400 跨站脚本漏洞 — MicroLogix 1100 & 1400 Controllers | 7.1 | High | 2022-12-16 |
| CVE-2022-46870 | Apache Zeppelin 跨站脚本漏洞 — Apache Zeppelin | 5.4 | - | 2022-12-16 |
| CVE-2022-38106 | SolarWinds Serv-U File Server 跨站脚本漏洞 — Serv-U File Server | 5.4 | Medium | 2022-12-16 |
| CVE-2022-4560 | Joget 跨站脚本漏洞 — Joget | 3.5 | Low | 2022-12-16 |
| CVE-2022-4519 | WordPress plugin WP User 跨站脚本漏洞 — WP User – Custom Registration Forms, Login and User Profile | 5.5 | Medium | 2022-12-15 |
| CVE-2022-4502 | OpenEMR 跨站脚本漏洞 — openemr/openemr | 6.1 | - | 2022-12-15 |
| CVE-2022-4503 | OpenEMR 跨站脚本漏洞 — openemr/openemr | 5.4 | - | 2022-12-15 |
| CVE-2022-4521 | WSO2 carbon-registry 跨站脚本漏洞 — carbon-registry | 3.5 | Low | 2022-12-15 |
| CVE-2022-4524 | Soil 跨站脚本漏洞 — soil Plugin | 3.5 | Low | 2022-12-15 |
| CVE-2022-4525 | National Sleep Research Resource 跨站脚本漏洞 — sleepdata.org | 3.5 | Low | 2022-12-15 |
| CVE-2022-4527 | collective.task 跨站脚本漏洞 — collective.task | 3.5 | Low | 2022-12-15 |
| CVE-2022-4410 | WordPress plugin Permalink Manager Lite 跨站脚本漏洞 — Permalink Manager Lite | 6.4 | Medium | 2022-12-14 |
| CVE-2022-23520 | Rails 跨站脚本漏洞 — rails-html-sanitizer | 6.1 | Medium | 2022-12-14 |
| CVE-2022-23519 | Rails 跨站脚本漏洞 — rails-html-sanitizer | 7.2 | High | 2022-12-14 |
| CVE-2022-23518 | Rails 跨站脚本漏洞 — rails-html-sanitizer | 6.1 | - | 2022-12-14 |
| CVE-2022-23515 | F5 BIG-IP和F5 BIG-IQ 跨站脚本漏洞 — loofah | 6.1 | Medium | 2022-12-14 |
| CVE-2022-3073 | Bootstrap 跨站脚本漏洞 — Schema ST4 example web templates | 6.1 | Medium | 2022-12-14 |
| CVE-2022-4495 | collective.dms.basecontent 跨站脚本漏洞 — collective.dms.basecontent | 3.5 | Low | 2022-12-14 |
| CVE-2022-23499 | TYPO3 跨站脚本漏洞 — html-sanitizer | 6.1 | Medium | 2022-12-13 |
| CVE-2022-41266 | SAP Commerce跨站脚本漏洞 — Commerce Webservices 2.0 (Swagger UI) | 8.0 | High | 2022-12-13 |
| CVE-2022-4455 | PHP-Calendar 跨站脚本漏洞 — php-calendar | 3.5 | Low | 2022-12-13 |
| CVE-2022-44575 | Siemens PLM Help Server 跨站脚本漏洞 — PLM Help Server V4.2 | 6.1 | - | 2022-12-13 |
| CVE-2022-41262 | SAP NetWeaver AS 跨站脚本漏洞 — NetWeaver AS for Java (Http Provider Service) | 6.1 | Medium | 2022-12-12 |
| CVE-2022-4407 | phpMyFAQ 跨站脚本漏洞 — thorsten/phpmyfaq | 6.1 | - | 2022-12-11 |
| CVE-2022-4408 | phpMyFAQ 跨站脚本漏洞 — thorsten/phpmyfaq | 5.4 | - | 2022-12-11 |
| CVE-2022-4413 | Nuxt.js 跨站脚本漏洞 — nuxt/framework | 6.1 | - | 2022-12-11 |
| CVE-2022-4414 | Nuxt.js 跨站脚本漏洞 — nuxt/framework | 6.1 | - | 2022-12-11 |
| CVE-2022-41299 | IBM Cloud Transformation Advisor 跨站脚本漏洞 — Cloud Transformation Advisor | 4.4 | Medium | 2022-12-09 |
| CVE-2022-4336 | BAOTA 跨站脚本漏洞 — Baota | 5.4 | - | 2022-12-09 |
| CVE-2022-41947 | DHIS 2 跨站脚本漏洞 — dhis2-core | 5.4 | Medium | 2022-12-08 |
CWE-79(在Web页面生成时对输入的转义处理不恰当(跨站脚本)) 是常见的弱点类别,本平台收录该类弱点关联的 21538 条 CVE 漏洞。