CWE-707

Improper Neutralization

The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.

251 vulnerabilities with CWE-707
CVE-2022-4595 LOW
django-openipam < 2022-11-11 - Cross-Site Scripting in Exposed Hosts Report Template
CVSS 3.5
CVE-2022-4593 LOW
retra-system < 2022-01-07 - Cross-Site Scripting
CVSS 3.5
CVE-2022-4592 MEDIUM
CRMx - SQL Injection via index.php get/save/delete/comment/commentdelete Functions
CVSS 6.3
CVE-2022-4591 LOW
toto < 1.4.21 - Cross-Site Scripting in Email Parameter Handler
CVSS 3.5
CVE-2022-4590 LOW
toto < 1.4.21 - Cross-Site Scripting in Todo List Handler
CVSS 3.5
CVE-2022-4587 MEDIUM
Opencaching Deutschland oc-server3 - XSS
CVSS 4.3
CVE-2022-4586 LOW
Opencaching Deutschland oc-server3 - XSS
CVSS 3.5
CVE-2022-4585 LOW
Opencaching Deutschland oc-server3 - XSS
CVSS 3.5
CVE-2022-4582 LOW
Starter Public Edition <4.6.10 - XSS
CVSS 3.5
CVE-2022-4581 LOW
mind-map - Cross-Site Scripting via HTML Argument in app.coffee
CVSS 3.5
CVE-2022-4566 MEDIUM
y_project RuoYi <4.7.5 - SQL Injection
CVSS 5.5
CVE-2022-4561 LOW
SemanticDrilldown < 2022-08-12 - Cross-Site Scripting via GET Parameter Handler
CVSS 3.5
CVE-2022-4559 LOW
INEX IXP-Manager < 6.3.0 - Cross-Site Scripting in Customer List View
CVSS 3.5
CVE-2022-4558 LOW
Alinto SOGo < 5.8.0 - Cross-Site Scripting in Folder/Mail Handler
CVSS 3.5
CVE-2022-4556 LOW
Alinto SOGo < 5.8.0 - Cross-Site Scripting in Identity Handler
CVSS 3.5
CVE-2022-4526 LOW
django-photologue < 3.16 - Cross-Site Scripting in Photo Detail Template Caption
CVSS 3.5
CVE-2022-4523 LOW
virtual_exim_2 < 2022-01-23 - Cross-Site Scripting
CVSS 3.5
CVE-2022-4522 LOW
CalendarXP < 10.0.1 - Cross-Site Scripting
CVSS 3.5
CVE-2022-4520 LOW
WSO2 carbon-registry < 4.8.12 - Cross-Site Scripting via Advanced Search Parameters
CVSS 3.5
CVE-2022-4514 LOW
oc-server3 - Cross-Site Scripting via varvalue Parameter in htdocs/lang/de/ocstyle/varset.inc.php
CVSS 3.5
CVE-2022-4513 LOW
eionet_content_registry < 2022-06-27T0948 - Cross-Site Scripting via searchTag/resourceUri Parameter
CVSS 3.5
CVE-2022-4456 LOW
falling-fruit < 2022-03-07 - Cross-Site Scripting
CVSS 3.5
CVE-2022-4454 MEDIUM
m0ver bible-online < 2022-10-02 - SQL Injection in Search Handler
CVSS 5.5
CVE-2022-4444 LOW
ipti br.tag < 2.13.0 - Cross-Site Scripting
CVSS 3.5
CVE-2022-4421 LOW
rAthena FluxCP < 2022-02-11 - Cross-Site Scripting via Service Desk Image URL Handler
CVSS 3.5
Details
Vulnerabilities 251
Links
MITRE CWE Entry Search this CWE With Exploits