CWE-790: Improper Filtering of Special Elements

The product receives data from an upstream component, but does not filter or incorrectly filters special elements before sending it to a downstream component.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Class

Abstraction

MITRE classification

Overview

CWE-790 (Improper Filtering of Special Elements) is a class-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.

CWE-790: Improper Filtering of Special Elements

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Code examples

Frequently asked questions

What is CWE-790?

What CVEs are caused by CWE-790?

What are the consequences of CWE-790?

Is CWE-790 actively exploited?

References

Stay ahead of CWE-790

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Code examples

Related weaknesses

Parent

Child

Frequently asked questions

What is CWE-790?

What CVEs are caused by CWE-790?

What are the consequences of CWE-790?

Is CWE-790 actively exploited?

References

Stay ahead of CWE-790