Download

Alert Tag: CWE-79

Alert Tags > CWE-79

https://cwe.mitre.org/data/definitions/79.html

All of the alerts which use this tag:
ID Alert Status Risk Type
40012 Cross Site Scripting (Reflected) release High Active
40014-1 Cross Site Scripting (Persistent) release High Active
40014-2 Cross Site Scripting Weakness (Persistent in JSON Response) release Low Active
40014-3 Cross Site Scripting (Persistent) release High Active
40026 Cross Site Scripting (DOM Based) release High Active
40101 Cross-site Scripting alpha High Tool
40102 Cross-site Scripting alpha High Tool
100014 Reflected HTTP GET Parameter(s) alpha Informational Script Passive
200002-1 XSS - Unfiltered <script> tag alpha High Tool
200002-2 XSS - Script tag after noscript tag alpha High Tool
200002-3 XSS - Svg tag with animation event alpha High Tool
200002-4 XSS - Img onerror alpha High Tool
200002-5 XSS - Img onerror alpha High Tool
200002-6 XSS - attribute context img onerror alpha High Tool
200002-7 XSS - SVG onload polyglot alpha High Tool
200002-8 XSS - JS string break-out alpha High Tool
200002-9 XSS - JS template literal break-out alpha High Tool
200002-10 XSS - JS expression replacement alpha High Tool
200002-11 XSS - JS single-quoted string break-out alpha High Tool
200002-12 XSS - JS slash/regex literal break-out alpha High Tool
200002-13 XSS - JS block comment break-out alpha High Tool
200002-14 XSS - double-quoted attribute event injection alpha High Tool
200002-15 XSS - single-quoted attribute event injection alpha High Tool
200002-16 XSS - unquoted attribute event injection alpha High Tool
200002-17 XSS - attribute-name event injection alpha High Tool
200002-18 XSS - tag-name SVG onload injection alpha High Tool
200007 SPA hash DOM XSS alpha High Tool
200021-1 AngularJS template injection - reflected 1.0.1 to 1.1.5 alpha High Tool
200021-2 AngularJS expression injection - expression 1.0.1 to 1.1.5 alpha High Tool
200021-3 AngularJS template injection - reflected short legacy 1.0.1 to 1.1.5 alpha High Tool
200021-4 AngularJS template injection - reflected 1.2.0 to 1.2.1 alpha High Tool
200021-5 AngularJS expression injection - expression 1.2.0 to 1.2.18 alpha High Tool
200021-6 AngularJS template injection - reflected 1.2.2 to 1.2.5 alpha High Tool
200021-7 AngularJS template injection - reflected 1.2.6 to 1.2.18 alpha High Tool
200021-8 AngularJS expression injection - expression 1.2.6 to 1.2.18 alpha High Tool
200021-9 AngularJS template injection - reflected 1.2.19 to 1.2.23 alpha High Tool
200021-10 AngularJS expression injection - expression 1.2.19 to 1.2.23 alpha High Tool
200021-11 AngularJS template injection - reflected 1.2.24 to 1.2.29 alpha High Tool
200021-12 AngularJS expression injection - expression 1.2.24 to 1.2.26 alpha High Tool
200021-13 AngularJS expression injection - expression 1.2.27 to 1.3.20 alpha High Tool
200021-14 AngularJS template injection - reflected 1.4.0 to 1.4.9 alpha High Tool
200021-15 AngularJS expression injection - expression 1.4.0 to 1.4.5 alpha High Tool
200021-16 AngularJS template injection - reflected 1.5.0 to 1.5.8 alpha High Tool
200021-17 AngularJS expression injection - expression 1.4.2 to 1.5.8 alpha High Tool
200021-18 AngularJS template injection - reflected 1.6 and later alpha High Tool
200021-19 AngularJS expression injection - expression 1.6 and later alpha High Tool
200021-20 AngularJS expression injection - single-quote expression 1.2.19 to 1.2.23 alpha High Tool
200021-21 AngularJS template injection - reflected eval 1.4.0 to 1.4.9 alpha High Tool
200021-22 AngularJS template injection - HTML entity delimiters 1.4.0 to 1.4.9 alpha High Tool
200021-23 AngularJS template injection - HTML entity alternate delimiters 1.4.0 to 1.4.9 alpha High Tool
200021-24 AngularJS expression injection - eval expression 1.4.0 to 1.4.9 alpha High Tool
200021-25 AngularJS template injection - alternate delimiters 1.6 and later alpha High Tool
200022-1 DOM XSS via query param HTML image onerror alpha High Tool
200022-2 DOM XSS via query param attribute breakout alpha High Tool
200022-3 DOM XSS via query param JS double-quote breakout alpha High Tool
200022-4 DOM XSS via query param JS single-quote breakout alpha High Tool
200022-5 DOM XSS via query param JS template literal breakout alpha High Tool
200022-6 DOM XSS via query param JS expression execution alpha High Tool
200022-7 DOM XSS via query param JS regex breakout alpha High Tool
200022-8 DOM XSS via query param JS block-comment breakout alpha High Tool
200022-9 DOM XSS via query param script-tag breakout alpha High Tool
200022-10 DOM XSS via query param event-handler value alpha High Tool
200022-11 DOM XSS via query param attribute-name event injection alpha High Tool
200022-12 DOM XSS via query param double-quoted attribute event breakout alpha High Tool
200022-13 DOM XSS via query param double-quoted resource onerror breakout alpha High Tool
200022-14 DOM XSS via query param single-quoted attribute event breakout alpha High Tool
200022-15 DOM XSS via query param unquoted attribute event injection alpha High Tool
200022-16 DOM XSS via query param SVG tag-name event injection alpha High Tool
200022-17 DOM XSS via query param javascript: URL alpha High Tool
200022-18 DOM XSS via query param style-block breakout alpha High Tool
200024 JSONP callback parameter controls JavaScript response alpha Medium Tool
210000-1 DOM XSS via inline event handler alpha High Tool
210000-2 DOM XSS via Element.innerHTML alpha High Tool
210000-3 DOM XSS via Element.outerHTML alpha High Tool
210000-4 DOM XSS via insertAdjacentHTML alpha High Tool
210000-5 DOM XSS via document.write alpha High Tool
210000-6 DOM XSS via DOM mutations alpha High Tool
210003-1 javascript: URL assigned to href alpha High Tool
210003-2 javascript: URL navigated via location.href alpha High Tool
210003-3 javascript: URL assigned to iframe.src alpha High Tool
210003-4 data: URL assigned to script.src alpha High Tool
210003-5 data: URL assigned to href alpha High Tool
210003-6 javascript: URL assigned to src alpha High Tool
210003-7 data: URL assigned to src alpha High Tool
210003-8 data: URL navigated via location.href alpha High Tool
210003-9 javascript: URL navigated via location.assign alpha High Tool
210003-10 data: URL navigated via location.assign alpha High Tool
210003-11 javascript: URL navigated via location.replace alpha High Tool
210003-12 data: URL navigated via location.replace alpha High Tool
210003-13 javascript: URL opened via window.open alpha High Tool
210003-14 data: URL opened via window.open alpha High Tool
210003-15 data: URL assigned to iframe.src alpha High Tool
210006-1 javascript: URL assigned to form action alpha High Tool
210006-2 javascript: URL assigned to formAction alpha High Tool
210006-3 data: URL assigned to form action alpha Medium Tool
210006-4 data: URL assigned to formAction alpha Medium Tool
210007-1 Response field rendered via innerHTML alpha High Tool
210007-2 Response field rendered via document.write alpha High Tool
210007-3 Response field rendered via outerHTML alpha High Tool
210007-4 Response field rendered via insertAdjacentHTML alpha High Tool
210007-5 Response field rendered via DOM mutation alpha Medium Tool
210007-6 Response field parsed via DOMParser alpha Medium Tool
210007-7 Response field parsed via createContextualFragment alpha Medium Tool
210007-8 Response field rendered via setHTMLUnsafe alpha High Tool
210007-9 Response field rendered via ShadowRoot.setHTMLUnsafe alpha High Tool
210009-1 AngularJS expression executed through Function constructor alpha High Tool
210009-2 AngularJS $parse expression from form input alpha High Tool
210009-3 AngularJS $parse expression from cookie alpha High Tool
210009-4 AngularJS $parse expression from localStorage alpha High Tool
210009-5 AngularJS $parse expression from postMessage alpha High Tool
210016-1 DOM XSS via DOMParser.parseFromString alpha Medium Tool
210016-2 DOM XSS via Range.createContextualFragment alpha High Tool
210016-3 DOM XSS via Element.setHTMLUnsafe alpha High Tool
210016-4 DOM XSS via ShadowRoot.setHTMLUnsafe alpha High Tool
210017-1 DOM XSS via innerHTML (secondary sources) alpha High Tool
210017-2 DOM XSS via outerHTML (secondary sources) alpha High Tool
210017-3 DOM XSS via insertAdjacentHTML (secondary sources) alpha High Tool
210017-4 DOM XSS via document.write (secondary sources) alpha High Tool
210017-5 DOM XSS via inline handlers (secondary sources) alpha High Tool
210017-6 DOM XSS via DOM mutation (secondary sources) alpha High Tool
210017-7 DOM XSS via iframe.srcdoc (secondary sources) alpha High Tool
220000-1 Disallow innerHTML/outerHTML assignments alpha High Tool
220000-2 Review uses of appendChild alpha High Tool
220000-3 Disallow document.write()/writeln() alpha High Tool
220000-4 Review DOMParser.parseFromString with dynamic HTML/XML alpha High Tool
220000-5 template.innerHTML with dynamic content alpha High Tool
220000-6 Inline event handler built from dynamic data alpha High Tool
220000-7 Disallow insertAdjacentHTML() alpha High Tool
220000-8 DOM-based XSS (taint flow) alpha High Tool
220000-9 DOM XSS via innerHTML (Angular) alpha High Tool
220004-1 Tainted data passed to AngularJS $parse alpha High Tool
220004-2 Tainted data compiled as AngularJS template alpha High Tool
220004-3 Dynamic AngularJS $parse expression alpha High Tool
220004-4 Dynamic AngularJS $compile/$interpolate template alpha High Tool
220004-5 AngularJS interpolation delimiters in template string alpha High Tool
220004-6 AngularJS ng-* expression attribute alpha High Tool