CWE-79 在Web页面生成时对输入的转义处理不恰当(跨站脚本) 类弱点 21529 条 CVE 漏洞汇总,含 AI 中文分析。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2025-68401 | ChurchCRM 跨站脚本漏洞 — CRM | 7.6AI | HighAI | 2025-12-17 |
| CVE-2025-68399 | ChurchCRM 跨站脚本漏洞 — CRM | 5.4AI | MediumAI | 2025-12-17 |
| CVE-2025-67876 | ChurchCRM 跨站脚本漏洞 — CRM | 5.4AI | MediumAI | 2025-12-17 |
| CVE-2025-67875 | ChurchCRM 跨站脚本漏洞 — CRM | 7.6AI | HighAI | 2025-12-17 |
| CVE-2025-13537 | WordPress plugin Live Composer 跨站脚本漏洞 — Live Composer – Free WordPress Website Builder | 6.4 | Medium | 2025-12-17 |
| CVE-2025-13217 | WordPress plugin Ultimate Member 跨站脚本漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | 6.4 | Medium | 2025-12-17 |
| CVE-2025-14347 | Proliz Student Affairs Information System 跨站脚本漏洞 — OBS (Student Affairs Information System)0 | 6.3 | Medium | 2025-12-17 |
| CVE-2025-14154 | WordPress plugin Better Messages 跨站脚本漏洞 — Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private Messages | 6.1 | Medium | 2025-12-17 |
| CVE-2025-14385 | WordPress plugin WP Recipe Maker 跨站脚本漏洞 — WP Recipe Maker | 6.4 | Medium | 2025-12-17 |
| CVE-2025-13861 | WordPress plugin HTML Forms 跨站脚本漏洞 — HTML Forms – Simple WordPress Forms Plugin | 6.1 | Medium | 2025-12-17 |
| CVE-2025-13977 | WordPress plugin Essential Addons for Elementor 跨站脚本漏洞 — Essential Addons for Elementor – Popular Elementor Templates & Widgets | 6.4 | Medium | 2025-12-17 |
| CVE-2025-14801 | TMS 代码注入漏洞 — TMS | 2.4 | Low | 2025-12-17 |
| CVE-2025-14701 | Crafty Controller 跨站脚本漏洞 — Crafty Controller | 7.1 | High | 2025-12-17 |
| CVE-2023-53900 | SPIP 跨站脚本漏洞 — spip | 8.8 | High | 2025-12-16 |
| CVE-2023-53903 | websitebaker 安全漏洞 — WebsiteBaker | 5.4 | Medium | 2025-12-16 |
| CVE-2023-53898 | Rukovoditel 安全漏洞 — Rukovoditel | 5.4 | Medium | 2025-12-16 |
| CVE-2023-53897 | Rukovoditel 安全漏洞 — Rukovoditel | 5.4 | Medium | 2025-12-16 |
| CVE-2025-68116 | FileRise 跨站脚本漏洞 — FileRise | 8.9 | High | 2025-12-16 |
| CVE-2025-59935 | GLPI 跨站脚本漏洞 — glpi | 6.5 | Medium | 2025-12-16 |
| CVE-2025-68268 | JetBrains TeamCity 跨站脚本漏洞 — TeamCity | 5.4 | Medium | 2025-12-16 |
| CVE-2025-68166 | JetBrains TeamCity 跨站脚本漏洞 — TeamCity | 5.4 | Medium | 2025-12-16 |
| CVE-2025-68165 | JetBrains TeamCity 跨站脚本漏洞 — TeamCity | 5.4 | Medium | 2025-12-16 |
| CVE-2025-68163 | JetBrains TeamCity 跨站脚本漏洞 — TeamCity | 3.5 | Low | 2025-12-16 |
| CVE-2025-11220 | WordPress plugin Elementor 跨站脚本漏洞 — Elementor Website Builder – more than just a page builder | 6.4 | Medium | 2025-12-16 |
| CVE-2025-68078 | WordPress plugin Salient Portfolio 跨站脚本漏洞 — Salient Portfolio | 6.5 | Medium | 2025-12-16 |
| CVE-2025-68080 | WordPress plugin User Avatar - Reloaded 安全漏洞 — User Avatar - Reloaded | 6.5 | Medium | 2025-12-16 |
| CVE-2025-68079 | WordPress plugin Salient Shortcodes 跨站脚本漏洞 — Salient Shortcodes | 6.5 | Medium | 2025-12-16 |
| CVE-2025-68076 | WordPress plugin Stockholm Core 安全漏洞 — Stockholm Core | 6.5 | Medium | 2025-12-16 |
| CVE-2025-68070 | WordPress plugin VK Google Job Posting Manager 跨站脚本漏洞 — VK Google Job Posting Manager | 6.5 | Medium | 2025-12-16 |
| CVE-2025-68077 | WordPress plugin Stockholm 安全漏洞 — Stockholm | 6.5 | Medium | 2025-12-16 |
CWE-79(在Web页面生成时对输入的转义处理不恰当(跨站脚本)) 是常见的弱点类别,本平台收录该类弱点关联的 21529 条 CVE 漏洞。