CAPEC Related Weakness
Generic Cross-Browser Cross-Domain Theft
CWE-149Improper Neutralization of Quoting Syntax
CWE-177Improper Handling of URL Encoding (Hex Encoding)
CWE-707Improper Neutralization
CWE-838Inappropriate Encoding for Output Context
Using Slashes and URL Encoding Combined to Bypass Validation Logic
CWE-20Improper Input Validation
CWE-21DEPRECATED: Pathname Traversal and Equivalence Errors
CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-73External Control of File Name or Path
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-171DEPRECATED: Cleansing, Canonicalization, and Comparison Errors
CWE-172Encoding Error
CWE-173Improper Handling of Alternate Encoding
CWE-177Improper Handling of URL Encoding (Hex Encoding)
CWE-697Incorrect Comparison
CWE-707Improper Neutralization
URL Encoding
CWE-20Improper Input Validation
CWE-21DEPRECATED: Pathname Traversal and Equivalence Errors
CWE-73External Control of File Name or Path
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-171DEPRECATED: Cleansing, Canonicalization, and Comparison Errors
CWE-172Encoding Error
CWE-173Improper Handling of Alternate Encoding
CWE-177Improper Handling of URL Encoding (Hex Encoding)
Double Encoding
CWE-20Improper Input Validation
CWE-21DEPRECATED: Pathname Traversal and Equivalence Errors
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-171DEPRECATED: Cleansing, Canonicalization, and Comparison Errors
CWE-172Encoding Error
CWE-173Improper Handling of Alternate Encoding
CWE-177Improper Handling of URL Encoding (Hex Encoding)
CWE-181Incorrect Behavior Order: Validate Before Filter
CWE-183Permissive List of Allowed Inputs
CWE-184Incomplete List of Disallowed Inputs
CWE-692Incomplete Denylist to Cross-Site Scripting
CWE-697Incorrect Comparison
Back to Top