CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21520

21520 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2020-2491	Cross-site Scripting Vulnerability in Photo Station — Photo Station	6.1	-	2020-12-10
CVE-2020-10146	Microsoft Teams displayName stored cross-site scripting vulnerability — Teams	5.7	Medium	2020-12-09
CVE-2020-25627	Moodle 跨站脚本漏洞 — Moodle	6.1	-	2020-12-09
CVE-2020-26249	Remote Code Execution (RCE) Exploit on Cross Site Scripting (XSS) Vulnerability — Red-Dashboard	7.7	High	2020-12-08
CVE-2020-25628	Moodle 跨站脚本漏洞 — Moodle	6.1	-	2020-12-08
CVE-2020-25631	Moodle 安全漏洞 — Moodle	6.1	-	2020-12-08
CVE-2020-27783	Lxml 跨站脚本漏洞 — python-lxml	6.1	-	2020-12-03
CVE-2020-7546	多款 Schneider Electric 产品跨站脚本漏洞 — EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information)	7.6	-	2020-12-01
CVE-2020-27659	Synology SafeAccess 跨站脚本漏洞 — Safe Access	8.4	High	2020-11-30
CVE-2020-26227	Cross-Site Scripting in Fluid view helpers — TYPO3.CMS	6.1	Medium	2020-11-23
CVE-2020-15249	Stored XSS by authenticated backend user with access to upload files — october	2.8	Low	2020-11-23
CVE-2020-26239	Cross-Site Scripting in Scratch browser addons — ScratchAddons	7.6	High	2020-11-23
CVE-2020-7571	Schneider Electric EcoStruxure Building Operation WebReports 跨站脚本漏洞 — EcoStruxure Building Operation WebReports V1.9 - V3.1	6.1	-	2020-11-19
CVE-2020-7570	Schneider Electric EcoStruxure Building Operation WebReports 跨站脚本漏洞 — EcoStruxure Building Operation WebReports V1.9 - V3.1	5.4	-	2020-11-19
CVE-2020-28210	Schneider Electric EcoStruxure Building Operation WebStation 跨站脚本漏洞 — EcoStruxure Building Operation WebStation V2.0 - V3.1	6.1	-	2020-11-19
CVE-2020-25702	Moodle 跨站脚本漏洞 — moodle	6.1	-	2020-11-19
CVE-2020-26216	Cross-Site Scripting in TYPO3 Fluid — Fluid	8.0	High	2020-11-17
CVE-2020-10776	Red Hat Keycloak 跨站脚本漏洞 — keycloak	6.1	-	2020-11-17
CVE-2020-26225	Reflected XSS in PrestaShop Product Comments — productcomments	8.7	High	2020-11-16
CVE-2020-7033	Avaya Equinox Conferencing XSS — Avaya Equinox Conferencing	6.3	Medium	2020-11-12
CVE-2020-24443	Reflected Cross-Site Scripting (XSS) in Adobe Connect — Connect	6.1	Medium	2020-11-12
CVE-2020-24442	Reflected Cross-Site Scripting (XSS) in Adobe Connect — Connect	6.1	Medium	2020-11-12
CVE-2020-13954	Apache CXF Reflected XSS in the services listing page via the styleSheetPath — Apache CXF	6.1	-	2020-11-12
CVE-2020-7333	Cross-site Scripting (XSS) in firewall ePO extension of McAfee Endpoint Security (ENS) — Endpoint Security for Windows	4.8	Medium	2020-11-12
CVE-2020-25706	Cacti 跨站脚本漏洞 — cacti	5.4	Medium	2020-11-12
CVE-2020-26221	Stored Cross Site Scripting in touchbase.ai — touchbase.ai	8.0	High	2020-11-11
CVE-2020-15275	malicious SVG attachment causing stored XSS vulnerability in MoinMoin — moin-1.9	8.7	High	2020-11-11
CVE-2020-3591	Cisco SD-WAN vManage Cross-Site Scripting Vulnerability — Cisco SD-WAN vManage	4.3	Medium	2020-11-06
CVE-2020-3590	Cisco SD-WAN vManage Software Cross-Site Scripting Vulnerability — Cisco SD-WAN vManage	6.4	Medium	2020-11-06
CVE-2020-3587	Cisco SD-WAN vManage Software Cross-Site Scripting Vulnerability — Cisco SD-WAN vManage	6.4	Medium	2020-11-06

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21520 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21520