Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21523

21523 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-24232 Advanced Booking Calendar < 1.6.8 - Authenticated Reflected Cross-Site Scripting (XSS) — Advanced Booking Calendar 5.4 -2021-04-22
CVE-2021-24233 Cooked Pro < 1.7.5.6 - Unauthenticated Reflected Cross Site Scripting (XSS) — Cooked Ppro 6.1 -2021-04-22
CVE-2021-24234 Ivory Search < 4.6.1 - Reflected Cross Site Scripting (XSS) — Ivory Search – WordPress Search Plugin 6.1 -2021-04-22
CVE-2021-24235 Goto - Tour & Travel < 2.0 - Unauthenticated Reflected XSS — Goto 6.1 -2021-04-22
CVE-2021-24237 Realteo < 1.2.4 - Unauthenticated Reflected Cross-Site Scripting (XSS) — Realteo 6.1 -2021-04-22
CVE-2021-0275 Junos OS: J-Web: Cross-site scripting attack allows an attacker to gain control of another users session. — Junos OS 8.8 High2021-04-22
CVE-2021-22540 XSS in Dart SDK — Dart SDK 6.1 -2021-04-22
CVE-2021-29459 XSS Cross Site Scripting — xwiki-platform 9.6 Critical2021-04-20
CVE-2021-29434 Improper validation of URLs ('Cross-site Scripting') in Wagtail rich text fields — wagtail 6.1 Medium2021-04-19
CVE-2018-19942 Cross-site Scripting Vulnerability in File Station — QTS 6.1 -2021-04-16
CVE-2021-29448 Stored DOM XSS in Pi-hole Admin Web Interface — AdminLTE 7.6 High2021-04-15
CVE-2021-21087 ColdFusion Improper neutralization of web input during page generation could lead to arbitrary JavaScript execution in the browser — ColdFusion 6.1 -2021-04-15
CVE-2021-29438 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in @nextcloud/dialogs — nextcloud-dialogs 4.6 Medium2021-04-13
CVE-2021-24229 Patreon WordPress < 1.7.2 - Reflected XSS on patreon_save_attachment_patreon_level AJAX action — Patreon WordPress 9.6 -2021-04-12
CVE-2021-24228 Patreon WordPress < 1.7.2 - Reflected XSS on Login Form — Patreon WordPress 9.6 -2021-04-12
CVE-2021-24225 Advanced Booking Calendar < 1.6.7 - Authenticated Reflected Cross-Site Scripting (XSS) — Advanced Booking Calendar 5.4 -2021-04-12
CVE-2021-24213 GiveWP < 2.10.0 - Reflected Cross Site Scripting (XSS) — GiveWP – Donation Plugin and Fundraising Platform 6.1 -2021-04-12
CVE-2021-22510 Jenkins Core 跨站脚本漏洞 — Micro Focus Application Automation Tools Plugin - Jenkins plugin 6.1 -2021-04-08
CVE-2021-1463 Cisco Unified Intelligence Center Reflected Cross-Site Scripting Vulnerability — Cisco Unified Contact Center Express 6.1 Medium2021-04-08
CVE-2021-24211 WordPress Related Posts <= 3.6.4 - Authenticated Stored Cross-Site Scripting (XSS) — WordPress Related Posts 5.4 -2021-04-05
CVE-2021-24201 Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Column Element — Elementor Website Builder 5.4 -2021-04-05
CVE-2021-24202 Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Heading Widget — Elementor Website Builder 5.4 -2021-04-05
CVE-2021-24203 Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Divider Widget — Elementor Website Builder 5.4 -2021-04-05
CVE-2021-24204 Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Accordion Widget — Elementor Website Builder 5.4 -2021-04-05
CVE-2021-24205 Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Icon Box Widget — Elementor Website Builder 5.4 -2021-04-05
CVE-2021-24206 Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Image Box Widget — Elementor Website Builder 5.4 -2021-04-05
CVE-2021-24208 WP Page Builder < 1.2.4 - Multiple Stored Cross-Site scripting (XSS) — WP Page Builder 5.4 -2021-04-05
CVE-2021-24177 WP File Manager < 7.1 - Reflected Cross-Site Scripting (XSS) — File Manager 5.4 -2021-04-05
CVE-2021-24180 Related Posts for WordPress < 2.0.4 - Authenticated Reflected Cross-Site Scripting (XSS) — Related Posts for WordPress 5.4 -2021-04-05
CVE-2021-24187 SEO Redirection < 6.4 - Authenticated Reflected Cross-Site Scripting (XSS) — SEO Redirection Plugin - 301 Redirect Manager 6.1 -2021-04-05

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21523 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.