Improper Encoding or Escaping of Output

The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

CVEs (434)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-29872 1Ibm 1Cloud Pak For Automation Nov 21, 2024 Jan 18, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio Component is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTT...Show more IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio Component is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST header, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 206228.Show less
CVE-2021-4068 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Nov 21, 2024 Dec 23, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-0933 1Google 1Android Nov 21, 2024 Dec 15, 2021 N/A· v4 8.0 HIGH· v3 7.9 HIGH· v2 In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. This could lead to remote escalation o...Show more In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. This could lead to remote escalation of privilege, confusing the user into accepting pairing of a malicious Bluetooth device, with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-172251622Show less
CVE-2021-44042 1Uipath 1Assistant Nov 21, 2024 Dec 14, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the --process-start argument of the URI handler for uipath-assistant:// is not correctly encoded, resulting in attacker-controlled cont...Show more An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the --process-start argument of the URI handler for uipath-assistant:// is not correctly encoded, resulting in attacker-controlled content being injected into the error message displayed (when the injected content does not match an existing process). A determined attacker could leverage this to execute JavaScript in the context of the Electron application.Show less
CVE-2021-38182 1Kyma Project 1Kyma Nov 21, 2024 Dec 14, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Due to insufficient input validation of Kyma, authenticated users can pass a Header of their choice and escalate privileges which can completely compromise the cluster.
CVE-2021-40007 1Huawei 1Ecns280 Td Firmware Nov 21, 2024 Dec 13, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. The vulnerability is caused by improper log output management. An attacker with the ability to access the log file of device may lead to informa...Show more There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. The vulnerability is caused by improper log output management. An attacker with the ability to access the log file of device may lead to information disclosure.Show less
CVE-2021-43410 1Apache 1Airavata Django Portal Nov 21, 2024 Dec 9, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Apache Airavata Django Portal allows CRLF log injection because of lack of escaping log statements. In particular, some HTTP request parameters are logged without first being escaped. Versions affected: master branch bef...Show more Apache Airavata Django Portal allows CRLF log injection because of lack of escaping log statements. In particular, some HTTP request parameters are logged without first being escaped. Versions affected: master branch before commit 3c5d8c7 [1] of airavata-django-portal [1] https://github.com/apache/airavata-django-portal/commit/3c5d8c72bfc3eb0af8693a655a5d60f9273f8170Show less
CVE-2021-20844 2Ntt West Yamaha 8Biz Box Nvr510 Firmware Biz Box Nvr700w FirmwareBiz Box Rtx1210 Firmware+5 more Nov 21, 2024 Nov 24, 2021 N/A· v4 5.7 MEDIUM· v3 3.5 LOW· v2 Improper neutralization of HTTP request headers for scripting syntax vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14....Show more Improper neutralization of HTTP request headers for scripting syntax vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to obtain sensitive information via a specially crafted web page.Show less
CVE-2021-42250 1Apache 1Superset Nov 21, 2024 Nov 17, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Improper output neutralization for Logs. A specific Apache Superset HTTP endpoint allowed for an authenticated user to forge log entries or inject malicious content into logs.
CVE-2021-41232 1Thunderdome 1Planning Poker Nov 21, 2024 Nov 2, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The pro...Show more Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in version 1.16.3. If users are unable to update they should disable the LDAP feature if in use.Show less
CVE-2021-41191 1Redon 1Roblox Purchasing Hub Nov 21, 2024 Oct 27, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Roblox-Purchasing-Hub is an open source Roblox product purchasing hub. A security risk in versions 1.0.1 and prior allowed people who have someone's API URL to get product files without an API key. This issue is fixed in...Show more Roblox-Purchasing-Hub is an open source Roblox product purchasing hub. A security risk in versions 1.0.1 and prior allowed people who have someone's API URL to get product files without an API key. This issue is fixed in version 1.0.2. As a workaround, add `@require_apikey` in `BOT/lib/cogs/website.py` under the route for `/v1/products`.Show less
CVE-2021-41132 1Openmicroscopy 2Omero Figure Omero Web Nov 21, 2024 Oct 14, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 OMERO.web provides a web based client and plugin infrastructure. In versions prior to 5.11.0, a variety of templates do not perform proper sanitization through HTML escaping. Due to the lack of sanitization and use of ``...Show more OMERO.web provides a web based client and plugin infrastructure. In versions prior to 5.11.0, a variety of templates do not perform proper sanitization through HTML escaping. Due to the lack of sanitization and use of ``jQuery.html()``, there are a whole host of cross-site scripting possibilities with specially crafted input to a variety of fields. This issue is patched in version 5.11.0. There are no known workarounds aside from upgrading.Show less
CVE-2021-21684 1Jenkins 1Git Nov 21, 2024 Oct 6, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting (XSS) vulnerabilit...Show more Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting (XSS) vulnerability.Show less
CVE-2021-33672 1Sap 1Contact Center Nov 21, 2024 Sep 14, 2021 N/A· v4 9.6 CRITICAL· v3 9.3 HIGH· v2 Due to missing encoding in SAP Contact Center's Communication Desktop component- version 700, an attacker could send malicious script in chat message. When the message is accepted by the chat recipient, the script gets e...Show more Due to missing encoding in SAP Contact Center's Communication Desktop component- version 700, an attacker could send malicious script in chat message. When the message is accepted by the chat recipient, the script gets executed in their scope. Due to the usage of ActiveX in the application, the attacker can further execute operating system level commands in the chat recipient's scope. This could lead to a complete compromise of their confidentiality, integrity, and could temporarily impact their availability.Show less
CVE-2021-39170 1Pimcore 1Pimcore Nov 21, 2024 Sep 1, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Pimcore is an open source data & experience management platform. Prior to version 10.1.2, an authenticated user could add XSS code as a value of custom metadata on assets. There is a patch for this issue in Pimcore versi...Show more Pimcore is an open source data & experience management platform. Prior to version 10.1.2, an authenticated user could add XSS code as a value of custom metadata on assets. There is a patch for this issue in Pimcore version 10.1.2. As a workaround, users may apply the patch manually.Show less
CVE-2021-39367 1Canon 1Oce Print Exec Workgroup Nov 21, 2024 Aug 23, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Canon Oce Print Exec Workgroup 1.3.2 allows Host header injection.
CVE-2021-22254 1Gitlab 1Gitlab Nov 21, 2024 Aug 20, 2021 N/A· v4 4.3 MEDIUM· v3 3.5 LOW· v2 Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9.
CVE-2021-38751 1Exponentcms 1Exponentcms Nov 21, 2024 Aug 16, 2021 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 A HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponent_constants.php. A modified HTTP header can change links on the webpage to an arbitrary value, leading to a possible attack vector for MITM.
CVE-2021-32072 1Mitel 1Micollab Nov 21, 2024 Aug 13, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information (disclosing sensitive application data) due to insufficient output sanitization. A successful expl...Show more The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information (disclosing sensitive application data) due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods.Show less
CVE-2021-32067 1Mitel 1Micollab Nov 21, 2024 Aug 13, 2021 N/A· v4 6.5 MEDIUM· v3 6.4 MEDIUM· v2 The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to view sensitive system information through an HTTP response due to insufficient output sanitization.

Previous 1...171819...22 Next