Common Weakness Enumeration

CWE-838

Allowed

Inappropriate Encoding for Output Context

Abstraction: Base · Status: Incomplete

The product uses or specifies an encoding when generating output to a downstream component, but the specified encoding is not the same as the encoding that is expected by the downstream component.

16 vulnerabilities reference this CWE, most recent first.

GHSA-JHCF-J4HG-V64R

Vulnerability from github – Published: 2022-05-24 17:01 – Updated: 2023-09-26 19:48
VLAI
Summary
Pimcore Access Control Issues
Details

Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "pimcore/pimcore"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-18981"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-838"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-18T22:06:54Z",
    "nvd_published_at": "2019-11-15T05:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification.",
  "id": "GHSA-jhcf-j4hg-v64r",
  "modified": "2023-09-26T19:48:39Z",
  "published": "2022-05-24T17:01:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18981"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pimcore/pimcore/commit/0a5d80b2593b2ebe35d19756b730ba33aa049106"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/pimcore/pimcore"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pimcore/pimcore/compare/v6.2.1...v6.2.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Pimcore Access Control Issues"
}

GHSA-M37V-MHQJ-22CM

Vulnerability from github – Published: 2023-08-02 00:30 – Updated: 2025-07-09 15:30
VLAI
Details

Inappropriate implementation in Web API Permission Prompts in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-3735"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-838"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-01T23:15:32Z",
    "severity": "MODERATE"
  },
  "details": "Inappropriate implementation in Web API Permission Prompts in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)",
  "id": "GHSA-m37v-mhqj-22cm",
  "modified": "2025-07-09T15:30:31Z",
  "published": "2023-08-02T00:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3735"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2023/07/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/1394410"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202401-34"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MV2J-4MM8-9XGV

Vulnerability from github – Published: 2022-05-13 01:22 – Updated: 2025-12-18 15:30
VLAI
Details

In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-6110"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-838"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-01-31T18:29:00Z",
    "severity": "MODERATE"
  },
  "details": "In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.",
  "id": "GHSA-mv2j-4mm8-9xgv",
  "modified": "2025-12-18T15:30:24Z",
  "published": "2022-05-13T01:22:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6110"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
    },
    {
      "type": "WEB",
      "url": "https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c"
    },
    {
      "type": "WEB",
      "url": "https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201903-16"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20190213-0001"
    },
    {
      "type": "WEB",
      "url": "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/46193"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q8Q6-CCRM-HRM9

Vulnerability from github – Published: 2024-01-10 00:30 – Updated: 2024-01-10 00:30
VLAI
Details

Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the email before delivery.This issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-5770"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-838"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-09T22:15:43Z",
    "severity": "MODERATE"
  },
  "details": "Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject.  The vulnerability is caused by inappropriate encoding when rewriting the email before delivery.This issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions.\n\n",
  "id": "GHSA-q8q6-ccrm-hrm9",
  "modified": "2024-01-10T00:30:21Z",
  "published": "2024-01-10T00:30:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5770"
    },
    {
      "type": "WEB",
      "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0009"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VVH5-7V3M-J3MJ

Vulnerability from github – Published: 2024-05-31 21:30 – Updated: 2025-05-15 21:03
VLAI
Summary
Moodle Unsanitized HTML in site log for config_log_created
Details

The site log report required additional encoding of event descriptions to ensure any HTML in the content is displayed in plaintext instead of being rendered.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.3.0"
            },
            {
              "fixed": "4.3.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.2.0"
            },
            {
              "fixed": "4.2.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-34006"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-838"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-06-04T17:37:34Z",
    "nvd_published_at": "2024-05-31T21:15:09Z",
    "severity": "MODERATE"
  },
  "details": "The site log report required additional encoding of event descriptions to ensure any HTML in the content is displayed in plaintext instead of being rendered.",
  "id": "GHSA-vvh5-7v3m-j3mj",
  "modified": "2025-05-15T21:03:23Z",
  "published": "2024-05-31T21:30:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34006"
    },
    {
      "type": "WEB",
      "url": "https://github.com/moodle/moodle/commit/cd85e090f3feb06e6eff65d1499a67353d82d3cb"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/moodle/moodle"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=458395"
    },
    {
      "type": "WEB",
      "url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-80585"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Moodle Unsanitized HTML in site log for config_log_created"
}

GHSA-XPC5-66VP-J2WH

Vulnerability from github – Published: 2022-05-13 01:53 – Updated: 2022-05-13 01:53
VLAI
Details

util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, a similar issue to CVE-2016-3697.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-9862"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-838"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-09T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a \"docker exec\" command with that value in the -u argument, a similar issue to CVE-2016-3697.",
  "id": "GHSA-xpc5-66vp-j2wh",
  "modified": "2022-05-13T01:53:57Z",
  "published": "2022-05-13T01:53:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9862"
    },
    {
      "type": "WEB",
      "url": "https://github.com/hyperhq/hyperstart/pull/348"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/103738"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation

Strategy: Output Encoding

Use context-aware encoding. That is, understand which encoding is being used by the downstream component, and ensure that this encoding is used. If an encoding can be specified, do so, instead of assuming that the default encoding is the same as the default being assumed by the downstream component.

Mitigation
Architecture and Design

Strategy: Output Encoding

Where possible, use communications protocols or data formats that provide strict boundaries between control and data. If this is not feasible, ensure that the protocols or formats allow the communicating components to explicitly state which encoding/decoding method is being used. Some template frameworks provide built-in support.

Mitigation MIT-4.3
Architecture and Design

Strategy: Libraries or Frameworks

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, consider using the ESAPI Encoding control [REF-45] or a similar tool, library, or framework. These will help the programmer encode outputs in a manner less prone to error.
  • Note that some template mechanisms provide built-in support for the appropriate encoding.
CAPEC-468: Generic Cross-Browser Cross-Domain Theft

An attacker makes use of Cascading Style Sheets (CSS) injection to steal data cross domain from the victim's browser. The attack works by abusing the standards relating to loading of CSS: 1. Send cookies on any load of CSS (including cross-domain) 2. When parsing returned CSS ignore all data that does not make sense before a valid CSS descriptor is found by the CSS parser.