Vulnerabilities > Improper Encoding or Escaping of Output
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-16 | CVE-2024-0233 | Improper Encoding or Escaping of Output vulnerability in Myeventon Eventon The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not properly sanitise and escape a parameter before outputting it back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | 6.1 |
| 2024-01-11 | CVE-2024-22199 | Improper Encoding or Escaping of Output vulnerability in Gofiber Django This package provides universal methods to use multiple template engines with the Fiber web framework using the Views interface. | 6.1 |
| 2023-12-15 | CVE-2023-42183 | Improper Encoding or Escaping of Output vulnerability in Lockss Classic Lockss Daemon 1.75.9/1.76.5 lockss-daemon (aka Classic LOCKSS Daemon) before 1.77.3 performs post-Unicode normalization, which may allow bypass of intended access restrictions, such as when U+1FEF is converted to a backtick. | 5.3 |
| 2023-11-24 | CVE-2023-26279 | Improper Encoding or Escaping of Output vulnerability in IBM Qradar Wincollect 10.0/10.0.1/10.1.6 IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized actions due to improper encoding. | 7.8 |
| 2023-11-17 | CVE-2023-38316 | Improper Encoding or Escaping of Output vulnerability in Opennds Captive Portal An issue was discovered in OpenNDS Captive Portal before version 10.1.2. | 9.8 |
| 2023-11-06 | CVE-2023-5968 | Improper Encoding or Escaping of Output vulnerability in Mattermost Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body. | 4.9 |
| 2023-10-25 | CVE-2023-45135 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.0 |
| 2023-10-22 | CVE-2023-46300 | Improper Encoding or Escaping of Output vulnerability in Iterm2 iTerm2 before 3.4.20 allow (potentially remote) code execution because of mishandling of certain escape sequences related to tmux integration. | 9.8 |
| 2023-10-22 | CVE-2023-46301 | Improper Encoding or Escaping of Output vulnerability in Iterm2 iTerm2 before 3.4.20 allow (potentially remote) code execution because of mishandling of certain escape sequences related to upload. | 9.8 |
| 2023-09-20 | CVE-2023-43620 | Improper Encoding or Escaping of Output vulnerability in Schollz Croc An issue was discovered in Croc through 9.6.5. | 7.8 |