CWE-791: Incomplete Filtering of Special Elements

The product receives data from an upstream component, but does not completely filter special elements before sending it to a downstream component.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Base

Abstraction

MITRE classification

Overview

CWE-791 (Incomplete Filtering of Special Elements) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.

CWE-791: Incomplete Filtering of Special Elements

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Code examples

Frequently asked questions

What is CWE-791?

What CVEs are caused by CWE-791?

What are the consequences of CWE-791?

Is CWE-791 actively exploited?

References

Stay ahead of CWE-791

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Code examples

Related weaknesses

Parent

Child

Frequently asked questions

What is CWE-791?

What CVEs are caused by CWE-791?

What are the consequences of CWE-791?

Is CWE-791 actively exploited?

References

Stay ahead of CWE-791