Vulnerabilities > Improper Encoding or Escaping of Output
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-14 | CVE-2021-44042 | Improper Encoding or Escaping of Output vulnerability in Uipath Assistant 21.4.4 An issue was discovered in UiPath Assistant 21.4.4. | 9.8 |
| 2021-12-14 | CVE-2021-38182 | Improper Encoding or Escaping of Output vulnerability in Kyma-Project Kyma Due to insufficient input validation of Kyma, authenticated users can pass a Header of their choice and escalate privileges which can completely compromise the cluster. | 8.8 |
| 2021-12-13 | CVE-2021-40007 | Improper Encoding or Escaping of Output vulnerability in Huawei Ecns280 TD Firmware V100R005C10Spc650 There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. | 6.5 |
| 2021-12-09 | CVE-2021-43410 | Improper Encoding or Escaping of Output vulnerability in Apache Airavata Django Portal Apache Airavata Django Portal allows CRLF log injection because of lack of escaping log statements. | 5.3 |
| 2021-11-24 | CVE-2021-20844 | Improper Encoding or Escaping of Output vulnerability in multiple products Improper neutralization of HTTP request headers for scripting syntax vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to obtain sensitive information via a specially crafted web page. | 5.7 |
| 2021-11-17 | CVE-2021-42250 | Improper Encoding or Escaping of Output vulnerability in Apache Superset Improper output neutralization for Logs. | 6.5 |
| 2021-11-02 | CVE-2021-41232 | Improper Encoding or Escaping of Output vulnerability in Thunderdome Planning Poker Thunderdome is an open source agile planning poker tool in the theme of Battling for points. | 9.8 |
| 2021-10-06 | CVE-2021-21684 | Improper Encoding or Escaping of Output vulnerability in Jenkins GIT Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting (XSS) vulnerability. | 6.1 |
| 2021-09-14 | CVE-2021-33672 | Improper Encoding or Escaping of Output vulnerability in SAP Contact Center 700 Due to missing encoding in SAP Contact Center's Communication Desktop component- version 700, an attacker could send malicious script in chat message. | 9.6 |
| 2021-08-23 | CVE-2021-39367 | Improper Encoding or Escaping of Output vulnerability in Canon OCE Print Exec Workgroup 1.3.2 Canon Oce Print Exec Workgroup 1.3.2 allows Host header injection. | 5.3 |