CWE-790: Improper Filtering of Special Elements
low-riskThe product receives data from an upstream component, but does not filter or incorrectly filters special elements before sending it to a downstream component.
Abstraction: Class
Common Consequences
Integrity
→
Unexpected State
Real-World Examples (10)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2023-45239 | 9.8 | 28.7% | — |
| CVE-2024-42416 | 8.8 | 1.0% | — |
| CVE-2021-43802 | 9.9 | 0.5% | — |
| CVE-2024-6540 | 5.7 | 0.4% | — |
| CVE-2024-47984 | 4.4 | 0.2% | — |
| CVE-2023-22578 | 10.0 | 0.2% | — |
| CVE-2024-31616 | 8.8 | 0.2% | — |
| CVE-2024-43443 | 4.9 | 0.1% | — |
| CVE-2024-43442 | 4.9 | 0.1% | — |
| CVE-2025-0431 | 5.8 | 0.1% | — |
3
/ 100
low-risk
Active Threat
3/50 · Minimal
Exploit Availability
0/50 · Minimal