Vulnerabilities > Improper Encoding or Escaping of Output
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-23 | CVE-2021-4068 | Improper Encoding or Escaping of Output vulnerability in multiple products Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2021-12-15 | CVE-2021-0933 | Improper Encoding or Escaping of Output vulnerability in Google Android In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. | 8.0 |
| 2021-12-14 | CVE-2021-44042 | Improper Encoding or Escaping of Output vulnerability in Uipath Assistant 21.4.4 An issue was discovered in UiPath Assistant 21.4.4. | 9.8 |
| 2021-12-14 | CVE-2021-38182 | Improper Encoding or Escaping of Output vulnerability in Kyma-Project Kyma Due to insufficient input validation of Kyma, authenticated users can pass a Header of their choice and escalate privileges which can completely compromise the cluster. | 8.8 |
| 2021-12-13 | CVE-2021-40007 | Improper Encoding or Escaping of Output vulnerability in Huawei Ecns280 TD Firmware V100R005C10Spc650 There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. | 6.5 |
| 2021-12-09 | CVE-2021-43410 | Improper Encoding or Escaping of Output vulnerability in Apache Airavata Django Portal Apache Airavata Django Portal allows CRLF log injection because of lack of escaping log statements. | 5.3 |
| 2021-11-24 | CVE-2021-20844 | Improper Encoding or Escaping of Output vulnerability in multiple products Improper neutralization of HTTP request headers for scripting syntax vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to obtain sensitive information via a specially crafted web page. | 5.7 |
| 2021-11-17 | CVE-2021-42250 | Improper Encoding or Escaping of Output vulnerability in Apache Superset Improper output neutralization for Logs. | 6.5 |
| 2021-11-02 | CVE-2021-41232 | Improper Encoding or Escaping of Output vulnerability in Thunderdome Planning Poker Thunderdome is an open source agile planning poker tool in the theme of Battling for points. | 9.8 |
| 2021-10-06 | CVE-2021-21684 | Improper Encoding or Escaping of Output vulnerability in Jenkins GIT Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting (XSS) vulnerability. | 6.1 |