Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE-643:Improper Neutralization of Data within XPath Expressions ('XPath Injection')
Weakness ID:643
Version:v4.17
Weakness Name:Improper Neutralization of Data within XPath Expressions ('XPath Injection')
Vulnerability Mapping:Allowed
Abstraction:Base
Structure:Simple
Status:Incomplete
Likelihood of Exploit:High
DetailsContent HistoryObserved CVE ExamplesReports
▼Submissions
Submission DateRelease DateSubmitterOrganizationVersionComment
2008-01-302008-01-30Evgeny LebanidzeCigitalDraft 8

N/A

Submission Date: 2008-01-30

Release Date: 2008-01-30

Submitter: Evgeny Lebanidze

Organization: Cigital

Version: Draft 8

Comment:

N/A

▼Modifications
Modification DateRelease DateModifierOrganizationVersionImportanceComment
2008-09-08N/ACWE Content TeamMITREN/AN/A

updated Common_Consequences, Relationships

2008-10-14N/ACWE Content TeamMITREN/AN/A

updated Description, Name, References, Relationship_Notes

2009-03-10N/ACWE Content TeamMITREN/AN/A

updated Demonstrative_Examples

2009-05-27N/ACWE Content TeamMITREN/AN/A

updated Name

2009-10-29N/ACWE Content TeamMITREN/AN/A

updated Common_Consequences

2010-02-16N/ACWE Content TeamMITREN/AN/A

updated Taxonomy_Mappings

2010-04-05N/ACWE Content TeamMITREN/AN/A

updated Description, Name

2010-06-21N/ACWE Content TeamMITREN/AN/A

updated Enabling_Factors_for_Exploitation

2010-12-13N/ACWE Content TeamMITREN/AN/A

updated Common_Consequences

2011-06-01N/ACWE Content TeamMITREN/AN/A

updated Common_Consequences

2012-05-11N/ACWE Content TeamMITREN/AN/A

updated References, Relationships

2012-10-30N/ACWE Content TeamMITREN/AN/A

updated Potential_Mitigations

2014-06-23N/ACWE Content TeamMITREN/AN/A

updated Relationships

2014-07-30N/ACWE Content TeamMITREN/AN/A

updated Relationships, Taxonomy_Mappings

2017-11-08N/ACWE Content TeamMITREN/AN/A

updated Applicable_Platforms, Enabling_Factors_for_Exploitation, Modes_of_Introduction, Relationships

2018-03-27N/ACWE Content TeamMITREN/AN/A

updated Relationships

2020-02-24N/ACWE Content TeamMITREN/AN/A

updated Relationships

2020-08-20N/ACWE Content TeamMITREN/AN/A

updated Relationships

2020-12-10N/ACWE Content TeamMITREN/AN/A

updated Relationships

2021-10-28N/ACWE Content TeamMITREN/AN/A

updated Relationships

2023-01-31N/ACWE Content TeamMITREN/AN/A

updated Description

2023-04-27N/ACWE Content TeamMITREN/AN/A

updated Detection_Factors, References, Relationships

2023-06-29N/ACWE Content TeamMITREN/AN/A

updated Mapping_Notes

2024-02-292024-02-29CWE Content TeamMITRE4.14N/A

updated Demonstrative_Examples

Modification Date: 2008-09-08

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Common_Consequences, Relationships

Modification Date: 2008-10-14

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Description, Name, References, Relationship_Notes

Modification Date: 2009-03-10

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Demonstrative_Examples

Modification Date: 2009-05-27

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Name

Modification Date: 2009-10-29

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Common_Consequences

Modification Date: 2010-02-16

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Taxonomy_Mappings

Modification Date: 2010-04-05

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Description, Name

Modification Date: 2010-06-21

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Enabling_Factors_for_Exploitation

Modification Date: 2010-12-13

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Common_Consequences

Modification Date: 2011-06-01

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Common_Consequences

Modification Date: 2012-05-11

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated References, Relationships

Modification Date: 2012-10-30

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Potential_Mitigations

Modification Date: 2014-06-23

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2014-07-30

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships, Taxonomy_Mappings

Modification Date: 2017-11-08

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Applicable_Platforms, Enabling_Factors_for_Exploitation, Modes_of_Introduction, Relationships

Modification Date: 2018-03-27

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2020-02-24

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2020-08-20

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2020-12-10

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2021-10-28

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2023-01-31

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Description

Modification Date: 2023-04-27

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Detection_Factors, References, Relationships

Modification Date: 2023-06-29

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Mapping_Notes

Modification Date: 2024-02-29

Release Date: 2024-02-29

Modifier: CWE Content Team

Organization: MITRE

Version: 4.14

Importance: N/A

Comment:

updated Demonstrative_Examples

▼Contributions
Contributor DateRelease DateTypeContributorOrganizationVersionComment
▼Previous Name Entries
Change DatePrevious Entry NameVersion
2008-10-14

Unsafe Treatment of XPath Input

N/A
2009-05-27

Failure to Sanitize Data within XPath Expressions (aka 'XPath injection')

N/A
2010-04-05

Failure to Sanitize Data within XPath Expressions ('XPath injection')

N/A

Change Date: 2008-10-14

Version: N/A

Previous Entry Name: Unsafe Treatment of XPath Input

Change Date: 2009-05-27

Version: N/A

Previous Entry Name: Failure to Sanitize Data within XPath Expressions (aka 'XPath injection')

Change Date: 2010-04-05

Version: N/A

Previous Entry Name: Failure to Sanitize Data within XPath Expressions ('XPath injection')