CWE-838
Inappropriate Encoding for Output Context
The product uses or specifies an encoding when generating output to a downstream component, but the specified encoding is not the same as the encoding that is expected by the downstream component.
CVE-2020-7292 (GCVE-0-2020-7292)
Vulnerability from cvelistv5
- CWE-838 - Inappropriate Encoding for output context
► | URL | Tags | |||
---|---|---|---|---|---|
|
Vendor | Product | Version | ||
---|---|---|---|---|
McAfee | McAfee Web Gateway (MWG) |
Version: unspecified < 9.2.1 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:25:48.627Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10323" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "McAfee Web Gateway (MWG)", "vendor": "McAfee", "versions": [ { "lessThan": "9.2.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Inappropriate Encoding for output context vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows a remote attacker to cause MWG to return an ambiguous redirect response via getting a user to click on a malicious URL." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-838", "description": "CWE-838 Inappropriate Encoding for output context", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-08-14T15:35:31", "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "shortName": "trellix" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10323" } ], "source": { "advisory": "SB10323", "discovery": "EXTERNAL" }, "title": "Web Gateway (MWG) - Inappropriate Encoding for output context", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@mcafee.com", "ID": "CVE-2020-7292", "STATE": "PUBLIC", "TITLE": "Web Gateway (MWG) - Inappropriate Encoding for output context" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "McAfee Web Gateway (MWG)", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "9.2.1" } ] } } ] }, "vendor_name": "McAfee" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Inappropriate Encoding for output context vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows a remote attacker to cause MWG to return an ambiguous redirect response via getting a user to click on a malicious URL." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-838 Inappropriate Encoding for output context" } ] } ] }, "references": { "reference_data": [ { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10323", "refsource": "MISC", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10323" } ] }, "source": { "advisory": "SB10323", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "assignerShortName": "trellix", "cveId": "CVE-2020-7292", "datePublished": "2020-07-15T14:50:14", "dateReserved": "2020-01-21T00:00:00", "dateUpdated": "2024-08-04T09:25:48.627Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-5770 (GCVE-0-2023-5770)
Vulnerability from cvelistv5
- CWE-838 - Inappropriate Encoding for Output Context
Vendor | Product | Version | ||
---|---|---|---|---|
Proofpoint | Proofpoint Enterprise Protection |
Version: 8.20.2 ≤ Version: 8.20.0 ≤ Version: 8.18.6 ≤ Version: 8.0 ≤ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:07:32.637Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0009" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-5770", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-05-08T18:43:41.522534Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-06-03T14:29:46.790Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "affected", "modules": [ "Email Delivery Agent" ], "product": "Proofpoint Enterprise Protection", "vendor": "Proofpoint", "versions": [ { "changes": [ { "at": "patch 4809", "status": "unaffected" } ], "lessThan": "patch 4809", "status": "affected", "version": "8.20.2", "versionType": "semver" }, { "changes": [ { "at": "patch 4805", "status": "unaffected" } ], "lessThan": "patch 4805", "status": "affected", "version": "8.20.0", "versionType": "semver" }, { "changes": [ { "at": "patch 4804", "status": "unaffected" } ], "lessThan": "patch 4804", "status": "affected", "version": "8.18.6", "versionType": "semver" }, { "lessThan": "8.18.6", "status": "affected", "version": "8.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eProofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the email before delivery.\u003c/span\u003e\u003cp\u003eThis issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions.\u003c/p\u003e" } ], "value": "Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the email before delivery.This issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-838", "description": "CWE-838 Inappropriate Encoding for Output Context", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-09T22:02:03.839Z", "orgId": "d83a79dd-e128-4b83-8b64-84faf54eed46", "shortName": "Proofpoint" }, "references": [ { "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0009" } ], "source": { "discovery": "UNKNOWN" }, "title": "HTML injection in email body through email subject", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "d83a79dd-e128-4b83-8b64-84faf54eed46", "assignerShortName": "Proofpoint", "cveId": "CVE-2023-5770", "datePublished": "2024-01-09T22:02:03.839Z", "dateReserved": "2023-10-25T17:57:53.751Z", "dateUpdated": "2025-06-03T14:29:46.790Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-34006 (GCVE-0-2024-34006)
Vulnerability from cvelistv5
- CWE-838 - Inappropriate Encoding for Output Context
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fedora", "vendor": "fedoraproject", "versions": [ { "lessThanOrEqual": "4.3.3", "status": "affected", "version": "4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fedora", "vendor": "fedoraproject", "versions": [ { "lessThanOrEqual": "4.1.9", "status": "affected", "version": "4.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fedora", "vendor": "fedoraproject", "versions": [ { "lessThanOrEqual": "4.2.6", "status": "affected", "version": "4.2", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-34006", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-03T15:10:13.250364Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:42:30.475Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T02:42:59.940Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://moodle.org/mod/forum/discuss.php?d=458395" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://git.moodle.org", "defaultStatus": "unknown", "packageName": "Moodle", "versions": [ { "lessThanOrEqual": "4.3.3", "status": "affected", "version": "4.0", "versionType": "semver" }, { "lessThanOrEqual": "4.2.6", "status": "affected", "version": "4.2", "versionType": "semver" }, { "lessThanOrEqual": "4.1.9", "status": "affected", "version": "4.1", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Leon Stringer" } ], "datePublic": "2024-05-20T09:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cpre\u003eThe site log report required additional encoding of event descriptions to ensure any HTML in the content is displayed in plaintext instead of being rendered.\u003c/pre\u003e\u003cbr\u003e" } ], "value": "The site log report required additional encoding of event descriptions to ensure any HTML in the content is displayed in plaintext instead of being rendered." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-838", "description": "CWE-838 Inappropriate Encoding for Output Context", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-31T20:36:08.390Z", "orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora" }, "references": [ { "url": "https://moodle.org/mod/forum/discuss.php?d=458395" } ], "title": "moodle: unsanitized HTML in site log for config_log_created" } }, "cveMetadata": { "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "assignerShortName": "fedora", "cveId": "CVE-2024-34006", "datePublished": "2024-05-31T20:36:08.390Z", "dateReserved": "2024-04-29T13:02:30.267Z", "dateUpdated": "2024-08-02T02:42:59.940Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Mitigation
Phase: Implementation
Strategy: Output Encoding
Description:
- Use context-aware encoding. That is, understand which encoding is being used by the downstream component, and ensure that this encoding is used. If an encoding can be specified, do so, instead of assuming that the default encoding is the same as the default being assumed by the downstream component.
Mitigation
Phase: Architecture and Design
Strategy: Output Encoding
Description:
- Where possible, use communications protocols or data formats that provide strict boundaries between control and data. If this is not feasible, ensure that the protocols or formats allow the communicating components to explicitly state which encoding/decoding method is being used. Some template frameworks provide built-in support.
Mitigation ID: MIT-4.3
Phase: Architecture and Design
Strategy: Libraries or Frameworks
Description:
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using the ESAPI Encoding control [REF-45] or a similar tool, library, or framework. These will help the programmer encode outputs in a manner less prone to error.
- Note that some template mechanisms provide built-in support for the appropriate encoding.
CAPEC-468: Generic Cross-Browser Cross-Domain Theft
An attacker makes use of Cascading Style Sheets (CSS) injection to steal data cross domain from the victim's browser. The attack works by abusing the standards relating to loading of CSS: 1. Send cookies on any load of CSS (including cross-domain) 2. When parsing returned CSS ignore all data that does not make sense before a valid CSS descriptor is found by the CSS parser.