Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-116

CWE-116

High likelihood

Improper Encoding or Escaping of Output

Parent: CWE-707 - Improper Neutralization

The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

446 vulnerabilities with CWE-116

CVE-2023-39527 HIGH

PrestaShop < 1.7.8.10, 8.0.5, 8.1.1 - Cross-Site Scripting via isCleanHTML Method

CVE-2023-3997 HIGH

Splunk SOAR <6.1.0 - Code Injection

CVE-2023-35941 HIGH

Envoy <1.27.0-1.23.12 - Auth Bypass

CVE-2023-34036 MEDIUM

Reactive web apps using Spring HATEOAS - SSRF

CVE-2023-3668 HIGH

GitHub froxlor/froxlor <2.0.21 - XSS

CVE-2023-24480 CRITICAL

Honeywell C300 Firmware 501.1-501.6hf8 - Denial of Service via Message Decoding Stack Overflow

CVE-2023-2200 MEDIUM

GitLab CE/EE <15.11.10, <16.0.6, <16.1.1 - XSS

CVE-2023-36921 HIGH

SAP Solution Manager (Diagnostics agent) -7.20 - SSRF

CVE-2023-36919 MEDIUM

SAP Enable Now - Unauthenticated Exposure of Sensitive Information via Missing Referrer-Policy Header

CVE-2023-3552 MEDIUM

nilsteampassnet/teampass <3.0.10 - Info Disclosure

CVE-2023-32301 LOW

Discourse <3.0.4-3.1.0.beta5 - Info Disclosure

CVE-2023-3190 MEDIUM

nilsteampassnet/teampass <3.0.9 - Info Disclosure

CVE-2023-29543 HIGH

Firefox and Focus for Android < 112.0 - Use-After-Free in Debugger Vector

CVE-2023-29541 HIGH

Firefox < 112.0 - Arbitrary Command Execution via .desktop File Download

CVE-2023-23599 MEDIUM

Firefox < 109, Firefox ESR < 102.7, Thunderbird < 102.7 - Command I...

CVE-2023-32712 HIGH

Splunk Enterprise <9.1.0.2, <9.0.5.1, <8.2.11.2 - Code Injection

CVE-2023-1711 MEDIUM

HitachiEnergy FOXMAN-UN and UNEM - Information Disclosure in Logging Component

CVE-2023-31669 MEDIUM

WebAssembly wat2wasm <1.0.32 - Code Injection

CVE-2023-32071 CRITICAL

XWiki Platform <2.2-14.4.8, <14.10.4, <15.0-rc-1 - XSS

CVE-2023-30844 LOW

Mutagen <0.16.6-0.17.1 - Info Disclosure

CVE-2023-28733 HIGH

AnyMailing Joomla Plugin <8.3.0 - XSS

CVE-2023-28101 MEDIUM

Flatpak <1.10.8, <1.12.8, <1.14.4, <1.15.4 - Privilege Escalation

CVE-2023-28487 MEDIUM

sudo < 1.9.13 - Improper Output Escaping in sudoreplay

CVE-2023-28486 MEDIUM

sudo < 1.9.13 - Log Injection via Unescaped Control Characters

CVE-2023-26472 CRITICAL

XWiki 6.2.1-13.10.9 - Unauthenticated Remote Code Execution via Icon Theme Sheet Injection

Previous Page 11 of 18 Next

Details

Vulnerabilities 446

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy