Cwe 79

🧬 CWE Related 66

slug: cwe-79

Explanation

CWE-79は「Webアプリがユーザー入力をきちんと無害化せずに画面に出力してしまう欠陥」のことです。結果として、攻撃者はWebページに悪意あるJavaScriptを埋め込めるようになり、見た人のCookie (ログイン情報) や入力情報を盗めるようになります。対策はWebの基本中の基本: 出力時のHTMLエスケープです。

📌 Example

MySpace ワーム「Samy」 (2005): 1人の投稿が見るだけで他人のプロフィールにコピーされ、24時間で100万人に感染した。

🔗 Related links

🔖 Related tags

Cwe 20125 Cwe 78120 Cwe 787105 Cwe 41699 Cwe 2296 Cwe 11990 Cwe 9484 Cwe 50270 Cwe 8954 Cwe 91844 Cwe 28443 Cwe 28741 Cwe 7740 Cwe 30638 Cwe 84337

🛡 Vulnerabilities tagged with this 67

ID	Title	Severity	Detected
CVE-2026-8195	Cross-Site Scripting (XSS) in CVE-2026-8195 (CVE-2026-8195)	Medium	1 hour ago
CVE-2026-42455	Cross-Site Scripting (XSS) in CVE-2026-42455 (CVE-2026-42455)		22 hours ago
CVE-2026-42556	Cross-Site Scripting (XSS) in CVE-2026-42556 (CVE-2026-42556)	High	23 hours ago
CVE-2026-42451	Cross-Site Scripting (XSS) in CVE-2026-42451 (CVE-2026-42451)	Medium	23 hours ago
CVE-2026-42224	Cross-Site Scripting (XSS) in CVE-2026-42224 (CVE-2026-42224)	High	23 hours ago
CVE-2026-42192	Cross-Site Scripting (XSS) in react (CVE-2026-42192)	Medium	1 day ago
CVE-2026-42794	Cross-Site Scripting (XSS) in CVE-2026-42794 (CVE-2026-42794)		1 day ago
CVE-2026-41886	Cross-Site Scripting (XSS) in CVE-2026-41886 (CVE-2026-41886)	High	1 day ago
CVE-2026-41683	Cross-Site Scripting (XSS) in express (CVE-2026-41683)	High	1 day ago
CVE-2026-41591	Cross-Site Scripting (XSS) in CVE-2026-41591 (CVE-2026-41591)	Medium	1 day ago
CVE-2026-41576	Cross-Site Scripting (XSS) in CVE-2026-41576 (CVE-2026-41576)	High	1 day ago
CVE-2026-41575	Cross-Site Scripting (XSS) in CVE-2026-41575 (CVE-2026-41575)	Medium	1 day ago
CVE-2026-41524	Cross-Site Scripting (XSS) in laravel (CVE-2026-41524)	High	1 day ago
CVE-2026-7475	Cross-Site Scripting (XSS) in wordpress (CVE-2026-7475)	Medium	1 day ago
CVE-2026-7650	Cross-Site Scripting (XSS) in wordpress (CVE-2026-7650)	Medium	1 day ago
CVE-2026-5341	Cross-Site Scripting (XSS) in wordpress (CVE-2026-5341)	Medium	1 day ago
CVE-2026-7330	Cross-Site Scripting (XSS) in wordpress (CVE-2026-7330)	High	1 day ago
CVE-2024-33724	Cross-Site Scripting (XSS) in CVE-2024-33724 (CVE-2024-33724)	Medium	1 day ago
CVE-2023-42345	Cross-Site Scripting (XSS) in CVE-2023-42345 (CVE-2023-42345)	Medium	1 day ago
CVE-2023-42343	Cross-Site Scripting (XSS) in CVE-2023-42343 (CVE-2023-42343)	Medium	1 day ago
CVE-2022-23961	Cross-Site Scripting (XSS) in CVE-2022-23961 (CVE-2022-23961)	Medium	1 day ago
CVE-2026-8136	Cross-Site Scripting (XSS) in CVE-2026-8136 (CVE-2026-8136)	Low	1 day ago
CVE-2026-42150	Cross-Site Scripting (XSS) in CVE-2026-42150 (CVE-2026-42150)	Medium	1 day ago
CVE-2026-8117	Cross-Site Scripting (XSS) in CVE-2026-8117 (CVE-2026-8117)	Medium	1 day ago
CVE-2026-8106	Cross-Site Scripting (XSS) in CVE-2026-8106 (CVE-2026-8106)		2 days ago
CVE-2026-41929	Cross-Site Scripting (XSS) in CVE-2026-41929 (CVE-2026-41929)	Medium	2 days ago
CVE-2026-32207	Cross-Site Scripting (XSS) in microsoft (CVE-2026-32207)	High	2 days ago
CVE-2026-41692	Cross-Site Scripting (XSS) in CVE-2026-41692 (CVE-2026-41692)	Medium	2 days ago
CVE-2025-67202	Cross-Site Scripting (XSS) in CVE-2025-67202 (CVE-2025-67202)	Medium	2 days ago
CVE-2026-35453	Cross-Site Scripting (XSS) in phpoffice/phpspreadsheet (CVE-2026-35453)	Medium	4 days ago

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →