Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21530

21530 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-21690 Cross-Site Scripting in Onionshare — onionshare 8.7 High2022-01-18
CVE-2022-0210 Random Banner <= 4.1.4 Admin+ Stored Cross-Site Scripting — Random Banner 4.8 Medium2022-01-18
CVE-2022-0233 ProfileGrid – User Profiles, Memberships, Groups and Communities <= 4.7.4 Authenticated Stored Cross-Site Scripting — ProfileGrid – User Profiles, Memberships, Groups and Communities 6.4 Medium2022-01-18
CVE-2021-4074 WHMCS Bridge <= 6.1 Subscriber+ Stored Cross-Site Scripting — WHMCS Bridge 6.4 Medium2022-01-18
CVE-2022-0232 User Registration, Login & Landing Pages – LeadMagic <= 1.2.7 Admin+ Stored Cross-Site Scripting — User Registration, Login & Landing Pages – LeadMagic 4.8 Medium2022-01-18
CVE-2022-0262 Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore 5.4 -2022-01-18
CVE-2022-0260 Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore 5.4 -2022-01-18
CVE-2021-42357 DOM based XSS Vulnerability in Apache Knox — Apache Knox 6.1 -2022-01-17
CVE-2022-0257 Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore 5.4 -2022-01-17
CVE-2022-0256 Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore 5.4 -2022-01-17
CVE-2021-3862 Cross-site Scripting (XSS) - Reflected in icecoder/icecoder — icecoder/icecoder 6.1 -2022-01-17
CVE-2022-0253 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat — livehelperchat/livehelperchat 6.1 -2022-01-17
CVE-2021-25067 Landing Page Builder < 1.4.9.6 - Authenticated Reflected Cross-Site Scripting (XSS) — Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages 5.4 -2022-01-17
CVE-2021-25065 Smash Balloon Social Post Feed < 4.1.1 - Authenticated Reflected Cross-Site Scripting (XSS) — Smash Balloon Social Post Feed 5.4 -2022-01-17
CVE-2021-25061 WP Booking System – Booking Calendar < 2.0.15 - Authenticated Reflected Cross-Site Scripting (XSS) — WP Booking System – Booking Calendar 5.4 -2022-01-17
CVE-2021-25046 Modern Events Calendar Lite < 6.2.0 - Subscriber+ Category Add Leading to Stored XSS — Modern Events Calendar Lite 5.4 -2022-01-17
CVE-2021-25024 Event Calendar < 1.1.51 - Reflected Cross-Site Scripting — EventCalendar 6.1 -2022-01-17
CVE-2021-25005 SEUR Oficial < 1.7.0 - Admin+ Stored Cross-Site Scripting — SEUR Oficial 4.8 -2022-01-17
CVE-2021-24909 ACF Photo Gallery Field < 1.7.5 - Reflected Cross-Site Scripting — ACF Photo Gallery Field 6.1 -2022-01-17
CVE-2021-3857 Cross-site Scripting (XSS) - Stored in chaskiq/chaskiq — chaskiq/chaskiq 5.4 -2022-01-17
CVE-2021-3853 Cross-site Scripting (XSS) - Stored in chaskiq/chaskiq — chaskiq/chaskiq 5.4 -2022-01-17
CVE-2021-4170 Cross-site Scripting (XSS) - Stored in janeczku/calibre-web — janeczku/calibre-web 6.1 -2022-01-16
CVE-2021-36920 WordPress plugin Download Monitor <= 4.4.6 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability — Download Monitor (WordPress plugin) 4.8 Medium2022-01-14
CVE-2021-42551 Reflected XSS in NetBiblio WebOPAC search functionality — NetBiblio WebOPAC 6.1 Medium2022-01-14
CVE-2022-20639 Cisco Security Manager Cross-Site Scripting Vulnerabilities — Cisco Security Manager 6.1 Medium2022-01-14
CVE-2022-20638 Cisco Security Manager Cross-Site Scripting Vulnerabilities — Cisco Security Manager 6.1 Medium2022-01-14
CVE-2022-20637 Cisco Security Manager Cross-Site Scripting Vulnerabilities — Cisco Security Manager 6.1 Medium2022-01-14
CVE-2022-20636 Cisco Security Manager Cross-Site Scripting Vulnerabilities — Cisco Security Manager 6.1 Medium2022-01-14
CVE-2022-20635 Cisco Security Manager Cross-Site Scripting Vulnerabilities — Cisco Security Manager 6.1 Medium2022-01-14
CVE-2022-20647 Cisco Security Manager Cross-Site Scripting Vulnerabilities — Cisco Security Manager 6.1 Medium2022-01-14

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21530 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.