Improper Output Neutralization for Logs

The product does not neutralize or incorrectly neutralizes output that is written to logs.

We have discovered 1,313 live websites that are affected by CWE-117.

Number of websites using CWE-117

Number of websites using CWE-117

List of the most recent CVEs that are part of CWE-117

Discovered	CVE	Description	Websites
Jun, 2026	CVE-2026-9016	Debug Log Manager <= 2.5.0 - Unauthenticated Improper Output Neutralization for Logs via log_js_errors AJAX Action	1,245
Jun, 2025	CVE-2025-48432	An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Intern...	66
Sep, 2024	CVE-2024-45808	Malicious log injection via access logs in envoy	2

List of the most common CVEs that are part of CWE-117

Discovered	CVE	Description	Websites
Jun, 2026	CVE-2026-9016	Debug Log Manager <= 2.5.0 - Unauthenticated Improper Output Neutralization for Logs via log_js_errors AJAX Action	1,245
Jun, 2025	CVE-2025-48432	An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Intern...	66
Sep, 2024	CVE-2024-45808	Malicious log injection via access logs in envoy	2

Top websites that are affected by CWE-117. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
*********.com	United States	,*
*******.de	Germany	,*
*************.com	Japan	,*
*******.com	United States	,*
*****.jp	Japan	,*
******************.com	United States	,*
***********.com	United States	,*
********************.org	France	*,*
*********.com	United States	*,*
*********.com	United States	*,*