Back to CWE list
CWE-75
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
Class
Draft
Description
The product does not adequately filter user-controlled input for special elements with control implications.
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Integrity
Confidentiality
Availability
Impact
Modify Application Data, Execute Unauthorized Code or Commands
Potential Mitigations
Requirements
Programming languages and supporting technologies might be chosen which are not subject to these issues.
Implementation
Utilize an appropriate mix of allowlist and denylist parsing to filter special element syntax from all input.
Applicable Platforms
Not Language-Specific
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now