CWE-917

Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

Parent: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs all or part of an expression language (EL) statement in a framework such as a Java Server Page (JSP) using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended EL statement before it is executed.

180 vulnerabilities with CWE-917
CVE-2026-40478 CRITICAL
Improper neutralization of specific syntax patterns for unauthorized expressions in Thymeleaf
CVSS 9.0
CVE-2026-40477 CRITICAL
Improper restriction of the scope of accessible objects in Thymeleaf expressions
CVSS 9.0
CVE-2026-39842 CRITICAL
OpenRemote is Vulnerable to Expression Injection
CVSS 9.9
CVE-2026-22738 CRITICAL
SpEL Injection via Unescaped Filter Key in SimpleVectorStore Leads to Remote Code Execution
CVSS 9.8
CVE-2026-22729 HIGH
CVE-2026-22729: JSONPath Injection in Spring AI Vector Stores FilterExpressionConverter
CVSS 8.6
CVE-2026-24713 CRITICAL
Apache IoTDB 1.0.0-1.3.6/2.0.0-2.0.6 - Input Validation
CVSS 9.8
CVE-2025-11175 HIGH
Mediawiki - DiscussionTools Extension <1.44-1.43 - Code Injection
CVE-2025-41253 HIGH
Spring Cloud Gateway Server Webflux - Info Disclosure
CVSS 7.5
CVE-2025-41243 CRITICAL
Spring Cloud Gateway Server Webflux - Info Disclosure
CVSS 10.0
CVE-2025-3322 CRITICAL
Product - Code Injection
CVE-2024-51466 CRITICAL
IBM Cognos Analytics <11.2.4 FP4-12.0.4 - Code Injection
CVSS 9.0
CVE-2024-12798 MEDIUM
JaninoEventEvaluator <1.3.14, <1.5.12 - RCE
CVE-2024-9672 MEDIUM
Papercut MF < 24.1.1 - XSS
CVSS 5.4
CVE-2024-7552 MEDIUM
DataGear <5.0.0 - Improper Neutralization
CVSS 6.3
CVE-2024-5828 HIGH
Hitachi Tuning Manager <8.8.7-00 - Code Injection
CVSS 8.6
CVE-2024-4286 MEDIUM
Mintplex-Labs' anything-llm - Info Disclosure
CVSS 4.9
CVE-2024-0715 HIGH
Hitachi Global Link Manager <8.8.7-03 - Code Injection
CVSS 7.6
CVE-2023-51593 CRITICAL
Voltronic Power ViewPower Pro - RCE
CVSS 9.8
CVE-2023-42658 HIGH
Chef InSpec <4.56.58, 5.22.29 - Command Injection
CVSS 8.8
CVE-2023-41331 CRITICAL
SOFARPC <5.11.0 - Command Injection
CVSS 9.8
CVE-2023-32200 HIGH
Apache Jena <4.8.0 - RCE
CVSS 8.8
CVE-2023-22665 MEDIUM
Apache Jena <4.7.0 - XSS
CVSS 5.4
CVE-2023-20863 MEDIUM
Vmware Spring Framework < 5.2.24 - Denial of Service
CVSS 6.5
CVE-2023-27821 CRITICAL
Databasir - Remote Code Execution
CVSS 9.8
CVE-2023-26092 CRITICAL
Liima <1.17.28 - SSRF
CVSS 9.8
Details
Vulnerabilities 180
Links
MITRE CWE Entry Search this CWE With Exploits