21520 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-7317 | ePolicy Orchistrator (ePO) - Cross-Site Scripting vulnerability — ePolicy Orchistrator (ePO) | 4.6 | Medium | 2020-10-14 |
| CVE-2020-7318 | ePolicy Orchistrator (ePO) - Cross-Site Scripting vulnerability — ePolicy Orchistrator (ePO) | 4.6 | Medium | 2020-10-14 |
| CVE-2020-15253 | Stored XSS in Grocy — grocy | 7.3 | High | 2020-10-14 |
| CVE-2020-5142 | SonicWall SonicOS SSLVPN NACagent 跨站脚本漏洞 — SonicOS | 6.1 | - | 2020-10-12 |
| CVE-2020-3589 | Cisco Identity Services Engine Cross-Site Scripting Vulnerability — Cisco Identity Services Engine Software | 4.8 | Medium | 2020-10-08 |
| CVE-2020-3536 | Cisco SD-WAN vManage Cross-Site Scripting Vulnerability — Cisco SD-WAN vManage | 5.4 | - | 2020-10-08 |
| CVE-2020-3320 | Cisco Firepower Management Center Cross-Site Scripting Vulnerability — Cisco Firepower Management Center | 5.4 | - | 2020-10-08 |
| CVE-2020-15217 | User data exposure in GLPI — glpi | 5.3 | Medium | 2020-10-07 |
| CVE-2020-15177 | Unauthenticated Stored XSS in GLPI — glpi | 8.0 | High | 2020-10-07 |
| CVE-2020-15231 | Cross-site scripting attack in mapfish-print — mapfish-print | 9.3 | Critical | 2020-10-02 |
| CVE-2020-8238 | Pulse Secure Pulse Connect Secure和Pulse Policy Secure 跨站脚本漏洞 — Pulse Connect Secure/ Pulse Policy Secure | 5.4 | - | 2020-09-29 |
| CVE-2020-16242 | GE Reason S20 Ethernet Switch — Reason S20 Ethernet Switch | 6.1 | - | 2020-09-25 |
| CVE-2020-15162 | Stored XSS in PrestaShop — PrestaShop | 5.4 | Medium | 2020-09-24 |
| CVE-2020-15161 | Potential XSS in PrestaShop — PrestaShop | 5.4 | Medium | 2020-09-24 |
| CVE-2020-8348 | Lenovo Enterprise Network Disk 跨站脚本漏洞 — Enterprise Network Disk | 6.1 | Medium | 2020-09-24 |
| CVE-2020-8347 | Lenovo Enterprise Network Disk 跨站脚本漏洞 — Enterprise Network Disk | 6.1 | Medium | 2020-09-24 |
| CVE-2019-15969 | Cisco Web Security Appliance Management Interface Cross-Site Scripting Vulnerability — Cisco Web Security Appliance (WSA) | 6.1 | - | 2020-09-23 |
| CVE-2019-16025 | Cisco Emergency Responder Stored Cross-Site Scripting Vulnerability — Cisco Emergency Responder | 5.4 | - | 2020-09-23 |
| CVE-2020-3137 | Cisco Email Security Appliance Cross-Site Scripting Vulnerability — Cisco Email Security Appliance (ESA) | 6.1 | - | 2020-09-23 |
| CVE-2020-8245 | Citrix Systems 多款产品跨站脚本漏洞 — Citrix ADC, Citrix Gateway | 8.8 | - | 2020-09-18 |
| CVE-2020-15183 | Reflected XSS leading to RCE in SoyCMS — soycms | 8.4 | High | 2020-09-17 |
| CVE-2020-10748 | Red Hat Keycloak 跨站脚本漏洞 — keycloak | 6.1 | - | 2020-09-16 |
| CVE-2020-15179 | HTML Injection in ScratchSig — wiki-scratchsig | 8.0 | High | 2020-09-15 |
| CVE-2020-15178 | Potential XSS in PrestaShop contactform — contactform | 8.0 | High | 2020-09-15 |
| CVE-2020-8340 | IBM BladeCenter 跨站脚本漏洞 — System x IMM2 firmware for: x240, Machine Types: 7162, 2588; x440, Machine Type 7167, 2590 ; x3750 M4, Machine Type: 8753 ; x3250 M6, Machine type 3633, 3943 ; nx360 M5, Machine type 5465, 5467 ; x280/x480/x880 X6 , Machine Type 7196, 4258 ; x3850 X6 and x3950 X6, Machine type 6241 ; x3550 M5, Machine Type 5463, 8869 ; x3650 M5, Machine Type 5462, 8871; x3500 M5, Machine Type 5464, 5478 | 6.3 | Medium | 2020-09-15 |
| CVE-2020-15169 | XSS in Action View — actionview | 5.4 | Medium | 2020-09-11 |
| CVE-2020-16218 | Philips Patient Monitoring Devices Cross-site Scripting — Patient Information Center iX (PICiX) | 4.3 | - | 2020-09-11 |
| CVE-2020-9734 | Stored XSS in AEM Forms component — Experience Manager | 9.0 | Critical | 2020-09-10 |
| CVE-2020-9742 | Reflected XSS in AEM Inbox module — Experience Manager | 9.0 | Critical | 2020-09-10 |
| CVE-2020-9741 | Stored XSS in AEM Forms Components — Experience Manager | 9.0 | Critical | 2020-09-10 |
Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21520 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.