Vulnerabilities > Improper Encoding or Escaping of Output
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-16 | CVE-2021-38751 | Improper Encoding or Escaping of Output vulnerability in Exponentcms A HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponent_constants.php. | 4.3 |
| 2021-08-13 | CVE-2021-32067 | Improper Encoding or Escaping of Output vulnerability in Mitel Micollab The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to view sensitive system information through an HTTP response due to insufficient output sanitization. | 6.5 |
| 2021-08-13 | CVE-2021-32072 | Improper Encoding or Escaping of Output vulnerability in Mitel Micollab The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information (disclosing sensitive application data) due to insufficient output sanitization. | 6.5 |
| 2021-08-03 | CVE-2021-30589 | Improper Encoding or Escaping of Output vulnerability in multiple products Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link. | 4.3 |
| 2021-08-02 | CVE-2021-32812 | Improper Encoding or Escaping of Output vulnerability in Tekmonks Monkshu 2.90 Monkshu is an enterprise application server for mobile apps (iOS and Android), responsive HTML 5 apps, and JSON API services. | 6.1 |
| 2021-07-30 | CVE-2021-34630 | Improper Encoding or Escaping of Output vulnerability in Gtranslate In the Pro and Enterprise versions of GTranslate < 2.8.65, the gtranslate_request_uri_var function runs at the top of all pages and echoes out the contents of $_SERVER['REQUEST_URI']. | 6.1 |
| 2021-07-23 | CVE-2021-20333 | Improper Encoding or Escaping of Output vulnerability in Mongodb Sending specially crafted commands to a MongoDB Server may result in artificial log entries being generated or for log entries to be split. | 5.3 |
| 2021-07-12 | CVE-2021-30640 | Improper Encoding or Escaping of Output vulnerability in multiple products A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. | 6.5 |
| 2021-07-12 | CVE-2021-32679 | Improper Encoding or Escaping of Output vulnerability in multiple products Nextcloud Server is a Nextcloud package that handles data storage. | 8.8 |
| 2021-06-11 | CVE-2021-23205 | Improper Encoding or Escaping of Output vulnerability in Gallagher Command Centre Improper Encoding or Escaping in Gallagher Command Centre Server allows a Command Centre Operator to alter the configuration of Controllers and other hardware items beyond their privilege. | 8.1 |