Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-80 (Web页面中脚本相关HTML标签转义处理不恰当(基本跨站脚本)) — Vulnerability Class 399

399 vulnerabilities classified as CWE-80 (Web页面中脚本相关HTML标签转义处理不恰当(基本跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-35680 WordPress YITH WooCommerce Product Add-Ons plugin <= 4.9.2 - Content Injection vulnerability — YITH WooCommerce Product Add-Ons 5.3 Medium2024-06-10
CVE-2024-37156 TokenController formName not sanitized in hidden input — SuluFormBundle 6.1 Medium2024-06-06
CVE-2024-32464 ActionText ContentAttachment can Contain Unsanitized HTML — rails 6.1 Medium2024-06-04
CVE-2023-49852 WordPress Responsive Slick Slider WordPress plugin <= 1.4 - Content Injection vulnerability — Responsive Slick Slider WordPress 6.5 Medium2024-06-04
CVE-2023-48285 WordPress Accept Stripe Payments plugin <= 2.0.79 - Content Injection vulnerability — Stripe Payments 5.3 Medium2024-06-04
CVE-2023-47513 WordPress ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.3.2 - Content Injection vulnerability — ARI Stream Quiz 5.4 Medium2024-06-04
CVE-2023-46310 WordPress wpDiscuz plugin <= 7.6.10 - Content Injection vulnerability — wpDiscuz 5.3 Medium2024-06-04
CVE-2023-45635 WordPress Responsive Tabs plugin < 4.0.6 - HTML Content Injection vulnerability — Responsive Tabs 5.4 Medium2024-06-04
CVE-2023-45053 WordPress WP Content Pilot plugin <= 1.3.3 - HTML Injection vulnerability — WP Content Pilot – Autoblogging & Affiliate Marketing Plugin 4.3 Medium2024-06-04
CVE-2023-40557 WordPress Tabs & Accordion plugin <= 1.3.10 - Content Injection vulnerability — Tabs & Accordion 5.4 Medium2024-06-04
CVE-2023-39161 WordPress Discussion Board plugin <= 2.4.8 - Content Injection vulnerability — Discussion Board 5.4 Medium2024-06-04
CVE-2023-23735 WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Unauthenticated Email HTML Injection Vulnerability — Spectra 5.3 Medium2024-06-03
CVE-2024-35224 Stored Cross-Site Scripting (XSS) in OpenProject — openproject 7.6 High2024-05-23
CVE-2024-23522 WordPress Formidable Forms plugin <= 6.7 - Content Injection vulnerability — Formidable Forms 5.3 Medium2024-05-17
CVE-2024-4214 WordPress cardealer plugin <= 4.15 - Content Injection vulnerability — Car Dealer 2.7 Low2024-05-17
CVE-2024-24874 WordPress Polls CP plugin <= 1.0.71 - Content Injection vulnerability — CP Polls 5.3 Medium2024-05-17
CVE-2024-32790 WordPress Pricing Table by Supsystic plugin <= 1.9.12 - Content Injection vulnerability — Pricing Table by Supsystic 4.3 Medium2024-05-17
CVE-2024-34699 GZ::CTF allows unprivileged user can perform XSS attacks by constructing malicious team names. — GZCTF 6.5 Medium2024-05-13
CVE-2023-48763 WordPress JetFormBuilder plugin <= 3.1.4 - Content Injection vulnerability — JetFormBuilder 5.3 Medium2024-04-24
CVE-2023-23989 WordPress RegistrationMagic plugin <= 5.1.9.2 - Content Injection — RegistrationMagic 5.3 Medium2024-04-24
CVE-2024-32875 Hugo doesn't escape markdown title in internal render hooks — hugo 6.1 Medium2024-04-23
CVE-2024-2380 XSS in graph rendering — Checkmk 4.6 Medium2024-04-05
CVE-2024-25690 HTML injection in ArcGIS Web AppBuilder — ArcGIS Enterprise Web App Builder 4.7 Medium2024-04-04
CVE-2024-20362 Cisco Small Business 安全漏洞 — Cisco Small Business RV Series Router Firmware 6.1 Medium2024-04-03
CVE-2024-1606 HTML injection in BMC Control-M — Control-M 4.6 Medium2024-03-18
CVE-2024-24807 Sulu is vulnerable to HTML Injection via Autocomplete Suggestion — sulu 2.7 Low2024-02-05
CVE-2024-24571 facileManager Systemic Cross-Site Scripting (XSS) — facileManager 5.4 Medium2024-01-31
CVE-2024-23841 XSS in @apollo/experimental-nextjs-app-support — apollo-client-nextjs 8.2 High2024-01-30
CVE-2023-5933 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in GitLab — GitLab 6.4 Medium2024-01-26
CVE-2023-20257 Cisco Evolved Programmable Network Manager 和 Cisco Prime Infrastructure 安全漏洞 — Cisco Prime Infrastructure 4.8 Medium2024-01-17

Vulnerabilities classified as CWE-80 (Web页面中脚本相关HTML标签转义处理不恰当(基本跨站脚本)) represent 399 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.