CWE-92 - DEPRECATED: Improper Sanitization of Custom Special Characters

• Abstraction:
• Base

• Structure:
• Simple

• Status:
• Deprecated

Weakness Name

DEPRECATED: Improper Sanitization of Custom Special Characters

Description

This entry has been deprecated. It originally came from PLOVER, which sometimes defined "other" and "miscellaneous" categories in order to satisfy exhaustiveness requirements for taxonomies. Within the context of CWE, the use of a more abstract entry is preferred in mapping situations. CWE-75 is a more appropriate mapping.

• Release Date:
• 2006-07-19

• Latest Modification Date:
• 2023-06-29

Latest Security News

EU sanctions Russian GRU hackers for cyberattacks against Estonia

Windows 11 24H2 preview brings new taskbar features

Hackers steal $85 million worth of cryptocurrency from Phemex

Microsoft Teams phishing attack alerts coming to everyone next month

Clone2Leak attacks exploit Git flaws to steal credentials

5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)

The Case for Proactive, Scalable Data Protection

GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs

Common Alerts

HighRemote Code Execution - CVE-2012-1823

LowSecure Pages Include Mixed Content

InformationalCross Site Scripting (Persistent) - Spider

HighCloud Metadata Potentially Exposed

HighHeartbleed OpenSSL Vulnerability

LowServer Leaks Version Information via "Server" HTTP Response Header Field

HighSOAP Action Spoofing

MediumApache Range Header DoS (CVE-2011-3192)

MediumDirectory Browsing

MediumBuffer Overflow

Latest CVE List

CVE-2025-23006 SonicWall SMA1000 Appliances Deserialization Vulnerability

CVE-2020-11023 JQuery Cross-Site Scripting (XSS) Vulnerability

CVE-2024-50603 Aviatrix Controllers OS Command Injection Vulnerability

CVE-2024-55591 Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability

CVE-2025-21333 Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability

CVE-2025-21334 Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

CVE-2025-21335 Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

CVE-2024-12686 BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability

CVE-2023-48365 Qlik Sense HTTP Tunneling Vulnerability

CVE-2025-0282 Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability

Top CWE List

CWE-693 Protection Mechanism Failure

HighCWE-200 Exposure of Sensitive Information to an Unauthorized Actor

MediumCWE-352 Cross-Site Request Forgery (CSRF)

HighCWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-1021 Improper Restriction of Rendered UI Layers or Frames

CWE-1053 Missing Documentation for Design

CWE-1426 Improper Validation of Generative AI Output

CWE-284 Improper Access Control

CWE-304 Missing Critical Step in Authentication

CWE-307 Improper Restriction of Excessive Authentication Attempts