Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21527

21527 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-21441 XSS in the ticket overview screens — ((OTRS)) Community Edition 7.5 High2021-06-16
CVE-2021-3535 Rapid7 Nexpose 跨站脚本漏洞 — Rapid7 Nexpose 4.3 Medium2021-06-16
CVE-2021-32683 XSS through createObjectURL — wire-webapp 8.8 High2021-06-15
CVE-2021-24357 FooGallery < 2.0.35 - Authenticated Stored Cross-Site Scripting — Best Image Gallery & Responsive Photo Gallery – FooGallery 5.4 -2021-06-14
CVE-2021-24382 Smart Slider 3 < 3.5.0.9 - Authenticated Stored Cross-Site Scripting (XSS) — Smart Slider 3 4.8 -2021-06-14
CVE-2021-24349 Gallery From Files <= 1.6.0 - Reflected Cross-Site Scripting (XSS) — Gallery from files 6.1 -2021-06-14
CVE-2021-24350 Visitors <= 0.3 - Unauthenticated Stored Cross-Site Scripting (XSS) — Visitors 6.1 -2021-06-14
CVE-2021-24351 The Plus Addons for Elementor < 4.1.12 - Reflected Cross-Site Scripting (XSS) — The Plus Addons for Elementor Page Builder 6.1 -2021-06-14
CVE-2021-24346 Stock in & out <= 1.0.4 - Reflected Cross-Site Scripting (XSS) — Stock in & out 5.4 -2021-06-14
CVE-2021-20293 Red Hat Resteasy 跨站脚本漏洞 — RESTEasy 6.1 -2021-06-10
CVE-2021-23854 Reflected XSS in page parameter — CPP Firmware 8.3 High2021-06-09
CVE-2021-23848 Reflected XSS in URL handler — CPP Firmware 8.3 High2021-06-09
CVE-2021-31832 Cross site scripting vulnerability in DLP Endpoint for Windows — McAfee Data Loss Prevention (DLP) Endpoint for Windows 5.2 Medium2021-06-09
CVE-2021-32671 XSS vulnerability with translator — core 10.0 Critical2021-06-07
CVE-2021-32670 Reflected cross-site scripting issue in Datasette — datasette 7.2 High2021-06-07
CVE-2021-24342 JNews < 8.0.6 - Reflected Cross-Site Scripting (XSS) — JNews 6.1 -2021-06-07
CVE-2021-24343 iFlyChat – WordPress Chat < 4.7.0 - Admin+ Stored Cross-Site Scripting (XSS) — iFlyChat – WordPress Chat 5.4 -2021-06-07
CVE-2021-24344 Easy Preloader <= 1.0.0 - Authenticated Stored Cross-Site Scripting (XSS) — Easy Preloader 4.8 -2021-06-07
CVE-2021-32641 Reflected XSS when using flashMessages — lock 8.1 High2021-06-04
CVE-2021-31830 Cross site Scripting (XSS) vulnerability in McAfee DBSec — McAfee Database Security (DBSec) 5.9 Medium2021-06-03
CVE-2021-28807 Post-Authentication Reflected XSS Vulnerability in Q'center — Q’center 7.7 High2021-06-03
CVE-2021-28806 DOM-Based XSS Vulnerability in QTS and QuTS hero — QTS 5.7 Medium2021-06-03
CVE-2021-3529 nooba -core 跨站脚本漏洞 — noobaa-core 7.1 -2021-06-02
CVE-2021-24322 Database Backup for WordPress < 2.4 - Authenticated Persistent Cross-Site Scripting (XSS) — Database Backup for WordPress 5.4 -2021-06-01
CVE-2021-24329 WP Super Cache < 1.7.3 - Authenticated Stored Cross-Site Scripting (XSS) — WP Super Cache 5.4 -2021-06-01
CVE-2021-24330 Funnel Builder by CartFlows < 1.6.13 - Authenticated Stored XSS via FB Pixel ID and Google Analytics ID — Funnel Builder by CartFlows – Create High Converting Sales Funnels For WordPress 4.8 -2021-06-01
CVE-2021-24331 Smooth Scroll Page Up/Down Buttons < 1.4 - Authenticated Stored XSS — Smooth Scroll Page Up/Down Buttons 4.8 -2021-06-01
CVE-2021-24334 Instant Images WordPress Plugin < 4.4.0.1 - Authenticated Stored XSS & XFS — Instant Images – One Click Unsplash Uploads 6.1 -2021-06-01
CVE-2021-24335 Car Repair Services < 4.0 - Unauthenticated Reflected XSS & XFS — Car Repair Services & Auto Mechanic 6.1 -2021-06-01
CVE-2021-24313 WP Prayer < 1.6.2 - Authenticated Stored Cross-Site Scripting (XSS) — WP Prayer 5.4 -2021-06-01

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21527 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.