|
|
|
|
CWE-148 Individual Dictionary Definition (Draft 9)
Weakness ID
| Status: Draft 148 (Weakness Variant) | | Description | Summary The application does not properly handle when a leading character or sequence ("leader")
is missing or malformed, or if multiple leaders are used when only one should be allowed. | | Potential Mitigations | Developers should anticipate that leading characters will be
injected/removed/manipulated in the input vectors of their software system. Use an appropriate
combination of black lists and white lists to ensure only valid, expected and appropriate
input is processed by the system. | | Relationships | | | Source Taxonomies | PLOVER - Input Leader |
|