16 matches found
CVE-2026-48358 Adobe Commerce | Improper Encoding or Escaping of Output (CWE-116)
Adobe Commerce is affected by an Improper Encoding or Escaping of Output vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...
ROS-20260506-73-0035
Vulnerability in tomcat10 related to a flaw in the output encoding or escaping mechanism. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
ROS-20260506-73-0034
Vulnerability in tomcat due to a flaw in the output encoding or escaping mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260506-73-0036
Vulnerability in tomcat11 related to a flaw in the output encoding or escaping mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260417-73-0046
Vulnerability in glpi due to a flaw in the output encoding or escaping mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260417-73-0044
Vulnerability in glpi due to a flaw in the output encoding or escaping mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
CVE-2025-12697 Improper Encoding or Escaping of Output in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.5 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user with maintainer-role permissions to reveal Datadog API credentials under certain conditions...
ROS-20260129-73-0020
Vulnerability in python-ldap due to a flaw in the output encoding or escaping mechanism. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
ROS-20260122-73-0027
Vulnerability in httpd related to a flaw in the output encoding or escaping mechanism. Exploitation of the vulnerability allows a remote attacker to gain access to sensitive data...
Siemens SIMATIC S7-1500 Improper Encoding or Escaping of Output (CVE-2022-25235)
xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...
EUVD-2019-16354
Malware in sbrugna...
The vulnerability of the modules/proxy/mod_proxy.c component of the Apache HTTP Server, related to a lack of mechanisms for encoding or shielding output data, allows attackers to gain access to confidential data and also trigger a denial-of-service attack.
The vulnerability of the modules/proxy/modproxy.c component of the Apache HTTP Server is related to a lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability can allow an attacker to gain access to confidential data, as well as cause service failures...
CVE-2022-39017 XSS in all comments fields in M-Files Hubshare
Improper input validation and output encoding in all comments fields, in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to introduce cross-site scripting attacks via specially crafted comments...
CVE-2022-22571
An authenticated high privileged user can perform a stored XSS attack due to incorrect output encoding in Incapptic connect and affects all current versions...
PT-2021-6751 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.1 through 14.1.2 GitLab CE/EE version 14.0.7 GitLab CE/EE version 13.12.9 Description: The issue is related to a lack of proper output encoding or escaping in GitLab, a platform for collaborative code development. Und...
GitLab Cross-Site Scripting Vulnerability (CNVD-2018-16515)
GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to Github for accessing the contents of a project's files, commit history, bug lists, and more. A cross-site scriptin...