Vulnerabilities > Improper Encoding or Escaping of Output
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-11 | CVE-2022-3941 | Improper Encoding or Escaping of Output vulnerability in Activity LOG Project Activity LOG A vulnerability has been found in Activity Log Plugin and classified as critical. | 5.3 |
| 2022-10-24 | CVE-2021-42010 | Improper Encoding or Escaping of Output vulnerability in Apache Heron Heron versions <= 0.20.4-incubating allows CRLF log injection because of the lack of escaping in the log statements. | 9.8 |
| 2022-10-03 | CVE-2022-41443 | Improper Encoding or Escaping of Output vulnerability in PHPipam 1.5.0 phpipam v1.5.0 was discovered to contain a header injection vulnerability via the component /admin/subnets/ripe-query.php. | 9.8 |
| 2022-09-29 | CVE-2021-40694 | Improper Encoding or Escaping of Output vulnerability in Moodle Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account. | 4.9 |
| 2022-09-23 | CVE-2022-41322 | Improper Encoding or Escaping of Output vulnerability in multiple products In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. | 7.8 |
| 2022-09-20 | CVE-2022-39956 | Improper Encoding or Escaping of Output vulnerability in multiple products The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rule set bypass for HTTP multipart requests by submitting a payload that uses a character encoding scheme via the Content-Type or the deprecated Content-Transfer-Encoding multipart MIME header fields that will not be decoded and inspected by the web application firewall engine and the rule set. | 9.8 |
| 2022-09-20 | CVE-2022-39957 | Improper Encoding or Escaping of Output vulnerability in multiple products The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass. | 7.5 |
| 2022-09-20 | CVE-2022-39958 | Improper Encoding or Escaping of Output vulnerability in multiple products The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass to sequentially exfiltrate small and undetectable sections of data by repeatedly submitting an HTTP Range header field with a small byte range. | 7.5 |
| 2022-09-08 | CVE-2022-36099 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform Wiki UI Main Wiki is software for managing subwikis on XWiki Platform, a generic wiki platform. | 8.8 |
| 2022-09-08 | CVE-2022-36100 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform Applications Tag and XWiki Platform Tag UI are tag applications for XWiki, a generic wiki platform. | 8.8 |