Vulnerabilities > Improper Encoding or Escaping of Output
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-27 | CVE-2020-7694 | Improper Encoding or Escaping of Output vulnerability in Encode Uvicorn This affects all versions of package uvicorn. | 7.5 |
| 2020-07-01 | CVE-2020-6261 | Improper Encoding or Escaping of Output vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. | 5.3 |
| 2020-06-19 | CVE-2017-18892 | Improper Encoding or Escaping of Output vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. | 6.1 |
| 2020-06-08 | CVE-2020-5304 | Improper Encoding or Escaping of Output vulnerability in Whitesourcesoftware Whitesource The dashboard in WhiteSource Application Vulnerability Management (AVM) before version 20.4.1 allows Log Injection via a %0A%0D substring in the idp parameter to the /saml/login URI. | 7.5 |
| 2020-06-08 | CVE-2020-13625 | Improper Encoding or Escaping of Output vulnerability in multiple products PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. | 7.5 |
| 2020-04-14 | CVE-2020-6227 | Improper Encoding or Escaping of Output vulnerability in SAP Businessobjects Business Intelligence Platform 4.2 SAP Business Objects Business Intelligence Platform (CMS / Auditing issues), version 4.2, allows attacker to send specially crafted GIOP packets to several services due to Improper Input Validation, allowing to forge additional entries in GLF log files. | 7.5 |
| 2020-04-08 | CVE-2020-4282 | Improper Encoding or Escaping of Output vulnerability in IBM Security Information Queue IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow an authenticated user to perform unauthorized actions by bypassing illegal character restrictions. | 4.3 |
| 2020-03-12 | CVE-2018-20586 | Improper Encoding or Escaping of Output vulnerability in Bitcoin Core bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call. | 5.3 |
| 2020-03-09 | CVE-2020-10235 | Improper Encoding or Escaping of Output vulnerability in Froxlor An issue was discovered in Froxlor before 0.10.14. | 8.8 |
| 2019-12-26 | CVE-2013-2011 | Improper Encoding or Escaping of Output vulnerability in Automattic W3 Super Cache WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. | 8.8 |