Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-74 (输出中的特殊元素转义处理不恰当(注入)) — Vulnerability Class 373

373 vulnerabilities classified as CWE-74 (输出中的特殊元素转义处理不恰当(注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-32314 Sandbox Escape — vm2 9.8 Critical2023-05-15
CVE-2023-32313 Inspect method manipulation in vm2 — vm2 5.3 Medium2023-05-15
CVE-2022-45048 Apache Ranger: code execution vulnerability in policy expressions — Apache Ranger 8.4 High2023-05-05
CVE-2022-45801 Apache StreamPark (incubating): LDAP Injection Vulnerability — Apache StreamPark (incubating) 9.1 -2023-05-01
CVE-2023-30609 matrix-react-sdk vulnerable to HTML injection in search results via plaintext message highlighting — matrix-react-sdk 5.4 Medium2023-04-25
CVE-2023-29007 Arbitrary configuration injection via `git submodule deinit` — git 7.0 High2023-04-25
CVE-2023-29516 Code injection from view right on XWiki.AttachmentSelector in xwiki-platform — xwiki-platform 9.9 Critical2023-04-18
CVE-2023-29514 Code injection in template provider administration in xwiki-platform — xwiki-platform 10.0 Critical2023-04-18
CVE-2023-29512 Code injection in xwiki-platform-web-templates — xwiki-platform 9.9 Critical2023-04-18
CVE-2023-29510 Code injection via unescaped translations in xwiki-platform — xwiki-platform 10.0 Critical2023-04-18
CVE-2023-29522 Code injection from view right on XWiki.ClassSheet in xwiki-platform — xwiki-platform 9.9 Critical2023-04-18
CVE-2023-29521 Code injection from account/view through VFS Tree macro in xwiki-platform — xwiki-platform 8.4 High2023-04-18
CVE-2023-29519 Code injection in org.xwiki.platform:xwiki-platform-attachment-ui — xwiki-platform 9.1 Critical2023-04-18
CVE-2023-29518 Code injection from view right using Invitation.InvitationCommon in xwiki-platform — xwiki-platform 9.9 Critical2023-04-18
CVE-2023-29523 Code injection in display method used in user profiles in xwiki-platform — xwiki-platform 10.0 Critical2023-04-18
CVE-2023-29524 Code injection from account through XWiki.SchedulerJobSheet in xwiki-platform — xwiki-platform 10.0 Critical2023-04-18
CVE-2023-29525 Privilege escalation from view right on XWiki.Notifications.Code.LegacyNotificationAdministration in xwiki-platform — xwiki-platform 10.0 Critical2023-04-18
CVE-2023-29526 Async and display macro allow displaying and interacting with any document in restricted mode — xwiki-platform 10.0 Critical2023-04-18
CVE-2023-29527 Code injection from account through AWM view sheet in xwiki platform — xwiki-platform 10.0 Critical2023-04-18
CVE-2023-30547 Sandbox Escape in vm2 — vm2 9.8 Critical2023-04-17
CVE-2023-29213 org.xwiki.platform:xwiki-platform-logging-ui Injection vulnerability — xwiki-platform 9.1 Critical2023-04-17
CVE-2022-43769 Hitachi Vantara Pentaho Business Analytics Server - Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) — Pentaho Business Analytics Server 8.8 High2023-04-03
CVE-2023-28637 DataEase AWS redshift data source exists for remote code execution vulnerability — dataease 8.0 High2023-03-28
CVE-2023-26493 Command Injection in Cocos Engine workflow — cocos-engine 8.1 High2023-03-27
CVE-2023-25616 Code Injection vulnerability in SAP Business Objects Business Intelligence Platform (CMC) — Business Objects Business Intelligence Platform (CMC) 9.9 Critical2023-03-14
CVE-2023-1287 ENOVIA Live Collaboration V6R2013xE is affected by an XSL template injection vulnerability — ENOVIA Live Collaboration 9.0 Critical2023-03-09
CVE-2023-27479 Improper Neutralization of Directives in Dynamically Evaluated Code in org.xwiki.platform:xwiki-platform-panels-ui — xwiki-platform 10.0 Critical2023-03-07
CVE-2023-25613 LDAP Injection Vulnerability in Apache Kerby — Apache Kerby LDAP Backend 9.8 -2023-02-20
CVE-2023-25141 JNDI injection into Apache sling-org-apache-sling-jcr-base — Apache Sling JCR Base 9.1 -2023-02-14
CVE-2022-43756 Rancher/Wrangler: Denial of service when processing Git credentials — Rancher 5.9 Medium2023-02-07

Vulnerabilities classified as CWE-74 (输出中的特殊元素转义处理不恰当(注入)) represent 373 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.