CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
low-riskThe product does not adequately filter user-controlled input for special elements with control implications.
Abstraction: Class
Common Consequences
Integrity
→
Modify Application Data
Real-World Examples (10)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2021-22911 | 9.8 | 92.3% | — |
| CVE-2024-0801 | 7.5 | 58.4% | — |
| CVE-2021-39174 | 8.8 | 52.4% | — |
| CVE-2024-0044 | 6.7 | 9.2% | — |
| CVE-2024-27622 | 7.2 | 4.7% | — |
| CVE-2024-37779 | 8.8 | 4.6% | — |
| CVE-2024-35373 | 9.8 | 2.2% | — |
| CVE-2022-24039 | 9.0 | 2.1% | — |
| CVE-2021-22910 | 9.8 | 1.8% | — |
| CVE-2024-31809 | 8.8 | 1.5% | — |
7
/ 100
low-risk
Active Threat
6/50 · Minimal
Exploit Availability
1/50 · Minimal