VYPR

CWE-75

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

ClassDraft

Description

The product does not adequately filter user-controlled input for special elements with control implications.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-81 · CAPEC-93

CVEs mapped to this weakness (21)

page 1 of 2
  • CVE-2024-37779HigSep 23, 2024
    risk 0.58cvss 8.8epss 0.01

    WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the Apache Ant script functionality.

  • CVE-2026-31908CriApr 14, 2026
    risk 0.52cvss 9.1epss 0.01

    Header injection vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers. This issue affects Apache APISIX: from 2.12.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which…

  • CVE-2024-23274HigMar 8, 2024
    risk 0.51cvss 7.8epss 0.00

    An injection issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.

  • CVE-2024-23268HigMar 8, 2024
    risk 0.51cvss 7.8epss 0.00

    An injection issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.

  • CVE-2024-24257HigJul 26, 2024
    risk 0.49cvss 7.5epss 0.00

    An issue in skteco.com Central Control Attendance Machine web management platform v.3.0 allows an attacker to obtain sensitive information via a crafted script to the csl/user component.

  • CVE-2024-21503MedMar 19, 2024
    risk 0.28cvss 5.3epss 0.01

    Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of…

  • CVE-2016-9471LowMar 28, 2017
    risk 0.20cvss 3.1epss 0.01

    Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element Injection. Usernames weren't properly sanitised when creating users on a Revive Adserver instance. Especially, control characters were not filtered, allowing apparently identical usernames to co-exist in the…

  • CVE-2021-39174Aug 27, 2021
    risk 0.04cvss epss 0.04

    Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can leak the value of any configuration entry of the dotenv file, e.g. the application secret (`APP_KEY`) and various passwords (email,…

  • CVE-2026-29042Mar 6, 2026
    risk 0.00cvss epss 0.02

    Nuclio is a "Serverless" framework for Real-Time Events and Data Processing. Prior to version 1.15.20, the Nuclio Shell Runtime component contains a command injection vulnerability in how it processes user-supplied arguments. When a function is invoked via HTTP, the runtime…

  • CVE-2026-27120Feb 20, 2026
    risk 0.00cvss epss 0.00

    Leafkit is a templating language with Swift-inspired syntax. Prior to 1.4.1, htmlEscaped in leaf-kit will only escape html special characters if the extended grapheme clusters match, which allows bypassing escaping by using an extended grapheme cluster containing both the…

  • CVE-2025-61911Oct 10, 2025
    risk 0.00cvss epss 0.00

    python-ldap is a lightweight directory access protocol (LDAP) client API for Python. In versions prior to 3.4.5, the sanitization method `ldap.filter.escape_filter_chars` can be tricked to skip escaping of special characters when a crafted `list` or `dict` is supplied as the…

  • CVE-2025-50213Jun 24, 2025
    risk 0.00cvss epss 0.01

    Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) vulnerability in Apache Airflow Providers Snowflake. This issue affects Apache Airflow Providers Snowflake: before 6.4.0. Sanitation of table and stage parameters were added…

  • CVE-2024-29686Mar 29, 2024
    risk 0.00cvss epss 0.02

    Server-side Template Injection (SSTI) vulnerability in Winter CMS v.1.2.3 allows a remote attacker to execute arbitrary code via a crafted payload to the CMS Pages field and Plugin components. NOTE: the vendor disputes this because the payload could only be entered by a trusted…

  • CVE-2023-6134Dec 14, 2023
    risk 0.00cvss epss 0.01

    A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is the…

  • CVE-2023-40743Sep 5, 2023
    risk 0.00cvss epss 0.02

    ** UNSUPPORTED WHEN ASSIGNED ** When integrating Apache Axis 1.x in an application, it may not have been obvious that looking up a service through "ServiceFactory.getService" allows potentially dangerous lookup mechanisms such as LDAP. When passing untrusted input to this API…

  • CVE-2023-1758Apr 5, 2023
    risk 0.00cvss epss 0.01

    Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

  • CVE-2022-4721Dec 23, 2022
    risk 0.00cvss epss 0.00

    Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository ikus060/rdiffweb prior to 2.5.5.

  • CVE-2022-3607Oct 19, 2022
    risk 0.00cvss epss 0.00

    Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository octoprint/octoprint prior to 1.8.3.

  • CVE-2021-23562Dec 3, 2021
    risk 0.00cvss epss 0.01

    This affects the package plupload before 2.3.9. A file name containing JavaScript code could be uploaded and run. An attacker would need to trick a user to upload this kind of file.

  • CVE-2021-32798Aug 9, 2021
    risk 0.00cvss epss 0.02

    The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an…