CWE-79 在Web页面生成时对输入的转义处理不恰当(跨站脚本) 类弱点 21529 条 CVE 漏洞汇总,含 AI 中文分析。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2022-50937 | Ametys CMS 跨站脚本漏洞 — Ametys CMS | 6.1 | Medium | 2026-01-13 |
| CVE-2022-50908 | Mailhog 跨站脚本漏洞 — Mailhog | 7.2 | High | 2026-01-13 |
| CVE-2022-50906 | e107 跨站脚本漏洞 — e107 CMS | 4.8 | Medium | 2026-01-13 |
| CVE-2022-50905 | e107 跨站脚本漏洞 — e107 CMS | 9.8 | Critical | 2026-01-13 |
| CVE-2022-50891 | Owlfiles 跨站脚本漏洞 — Owlfiles File Manager | 5.0 | Medium | 2026-01-13 |
| CVE-2025-68658 | Open Source Point of Sale 跨站脚本漏洞 — opensourcepos | 4.3 | Medium | 2026-01-13 |
| CVE-2025-15056 | Quill 注入漏洞 — Quill | 6.1AI | MediumAI | 2026-01-13 |
| CVE-2026-20959 | Microsoft SharePoint 跨站脚本漏洞 — Microsoft SharePoint Enterprise Server 2016 | 4.6 | Medium | 2026-01-13 |
| CVE-2025-9427 | WordPress plugin WordPress add-on 安全漏洞 — WordPress add-on | 6.1AI | MediumAI | 2026-01-13 |
| CVE-2026-0514 | SAP Business Connector 跨站脚本漏洞 — SAP Business Connector | 6.1 | Medium | 2026-01-13 |
| CVE-2026-0499 | SAP NetWeaver Enterprise Portal 跨站脚本漏洞 — SAP NetWeaver Enterprise Portal | 6.1 | Medium | 2026-01-13 |
| CVE-2026-22813 | opencode 安全漏洞 — opencode | 6.1AI | MediumAI | 2026-01-12 |
| CVE-2026-22033 | Label Studio 访问控制错误漏洞 — label-studio | 5.4AI | MediumAI | 2026-01-12 |
| CVE-2025-41003 | Imaster Patient Record Management System 跨站脚本漏洞 — Patient Record Management System | 5.4AI | MediumAI | 2026-01-12 |
| CVE-2025-40978 | WorkDo HRM SaaS HR and Payroll Tool 跨站脚本漏洞 — eCommerceGo SaaS | 5.4AI | MediumAI | 2026-01-12 |
| CVE-2025-40977 | WorkDo HRMGo 跨站脚本漏洞 — eCommerceGo SaaS | 5.4AI | MediumAI | 2026-01-12 |
| CVE-2025-40976 | WorkDo HRM SaaS HR and Payroll Tool 跨站脚本漏洞 — TicketGo | 5.4AI | MediumAI | 2026-01-12 |
| CVE-2025-40975 | WorkDo HRMGo 跨站脚本漏洞 — HRMGo | 5.4AI | MediumAI | 2026-01-12 |
| CVE-2025-69268 | Broadcom DX NetOps Spectrum 安全漏洞 — DX NetOps Spectrum | 6.1AI | MediumAI | 2026-01-12 |
| CVE-2025-15505 | Legrand AV Luxul XWR-600 代码注入漏洞 — XWR-600 | 2.4 | Low | 2026-01-11 |
| CVE-2026-0824 | questdb 代码注入漏洞 — ui | 3.5 | Low | 2026-01-10 |
| CVE-2025-12379 | WordPress plugin Shortcodes and extra features for Phlox theme 跨站脚本漏洞 — Shortcodes and extra features for Phlox theme | 6.4 | Medium | 2026-01-10 |
| CVE-2025-14555 | WordPress plugin Countdown Timer – Widget Countdown 跨站脚本漏洞 — Countdown Timer – Widget Countdown | 6.4 | Medium | 2026-01-10 |
| CVE-2025-14506 | WordPress plugin ConvertForce Popup Builder 跨站脚本漏洞 — ConvertForce Popup Builder | 6.4 | Medium | 2026-01-10 |
| CVE-2026-22704 | HAX 跨站脚本漏洞 — issues | 8.1 | High | 2026-01-10 |
| CVE-2026-22610 | Angular 跨站脚本漏洞 — angular | 6.1 | - | 2026-01-10 |
| CVE-2025-61674 | October CMS 跨站脚本漏洞 — october | 6.1 | Medium | 2026-01-10 |
| CVE-2025-61676 | October CMS 跨站脚本漏洞 — october | 6.1 | Medium | 2026-01-10 |
| CVE-2026-22029 | react-router 跨站脚本漏洞 — react-router | 8.0 | High | 2026-01-10 |
| CVE-2026-21884 | react-router 跨站脚本漏洞 — react-router | 8.2 | High | 2026-01-10 |
CWE-79(在Web页面生成时对输入的转义处理不恰当(跨站脚本)) 是常见的弱点类别,本平台收录该类弱点关联的 21529 条 CVE 漏洞。