CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21508

21508 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2019-18249	Reliable Controls MACH-ProWebSys和Reliable Controls MACH-ProWebCom 跨站脚本漏洞 — Reliable Controls MACH-ProWebCom/Sys	8.8	-	2019-12-24
CVE-2019-18571	Dell RSA Identity Governance and Lifecycle和RSA Via Lifecycle and Governance 跨站脚本漏洞 — RSA Identity Governance & Lifecycle	5.4	-	2019-12-18
CVE-2019-7621	Elasticsearch Kibana 跨站脚本漏洞 — Kibana	5.4	-	2019-12-18
CVE-2019-18267	S2020/S2020G Fast Switch 61850 跨站脚本漏洞 — GE S2020/S2020G Fast Switch 61850	5.4	-	2019-12-18
CVE-2019-13943	Siemens EN100 Ethernet Module 跨站脚本漏洞 — EN100 Ethernet module DNP3 variant	6.1	-	2019-12-12
CVE-2019-7004	Avaya IP Office XSS Vulnerability — IP Office Application Server	6.1	-	2019-12-11
CVE-2019-16772	regular expressions Cross-Site Scripting (XSS) vulnerability in serialize-to-js — serialize-to-js	3.1	Low	2019-12-06
CVE-2019-16769	Affected versions of serialize-javascript are vulnerable to Cross-site Scripting (XSS) — serialize-javascript	4.2	Medium	2019-12-05
CVE-2019-18574	Dell RSA Authentication Manager 跨站脚本漏洞 — RSA Authentication Manager	4.8	-	2019-12-03
CVE-2019-13935	Siemens Polarion webclient 跨站脚本漏洞 — Polarion	3.5	Low	2019-11-27
CVE-2019-13936	Siemens Polarion webclient 跨站脚本漏洞 — Polarion	3.5	Low	2019-11-27
CVE-2019-13934	Siemens Polarion webclient 跨站脚本漏洞 — Polarion	3.5	Low	2019-11-27
CVE-2019-15968	Cisco Unified Communications Domain Manager Persistent Cross-Site Scripting Vulnerability — Cisco Unified Communications Domain Manager	5.4	-	2019-11-26
CVE-2019-15994	Cisco Stealthwatch Enterprise Cross-Site Scripting Vulnerability — Cisco Stealthwatch Enterprise	6.1	-	2019-11-26
CVE-2019-15973	Cisco Industrial Network Director Reflected Cross-Site Scripting Vulnerability — Cisco Industrial Network Director	6.1	-	2019-11-26
CVE-2019-17632	Eclipse Jetty 跨站脚本漏洞 — Eclipse Jetty	5.8	-	2019-11-25
CVE-2019-11291	RabbitMQ XSS attack via federation and shovel endpoints — RabbitMQ	4.8	-	2019-11-22
CVE-2019-16763	XSS in Pannellum from 2.5.0 through 2.5.4 — pannellum	4.8	Medium	2019-11-22
CVE-2018-10854	Red Hat CloudForms 跨站脚本漏洞 — cloudforms	5.4	-	2019-11-22
CVE-2019-6853	Schneider Electric Andover Continuum 跨站脚本漏洞 — Andover Continuum models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702	6.1	-	2019-11-20
CVE-2019-15072	Openfind MAIL2000 Webmail Post-Auth Cross-Site Scripting — MAIL2000	6.1	-	2019-11-20
CVE-2019-15071	Openfind MAIL2000 Webmail Pre-Auth Cross-Site Scripting — MAIL2000	6.1	-	2019-11-20
CVE-2019-10219	Hibernate Validator 跨站脚本漏洞 — hibernate-validator	5.4	-	2019-11-08
CVE-2019-6142	Forcepoint Email Security 跨站脚本漏洞 — Forcepoint Email Security	6.1	-	2019-11-05
CVE-2019-15587	Loofah gem for Ruby 跨站脚本漏洞 — Loofah (rubygem)	6.1	-	2019-10-22
CVE-2019-15280	Cisco Firepower Management Center Software Stored Cross-Site Scripting Vulnerability — Cisco Firepower Management Center	4.8	-	2019-10-16
CVE-2019-15281	Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability — Cisco Identity Services Engine Software	4.8	-	2019-10-16
CVE-2019-15269	Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities — Cisco Firepower Management Center	4.8	-	2019-10-16
CVE-2019-15270	Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerability — Cisco Firepower Management Center	6.1	-	2019-10-16
CVE-2019-15268	Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities — Cisco Firepower Management Center	4.8	-	2019-10-16

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21508 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21508