|
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) Status: Draft Weakness ID: 75 (Weakness Class)Description Summary The software fails to adequately filter user-controlled input for special elements with control implications. Potential Mitigations Requirements specification: Programming languages and supporting technologies might be chosen which are not subject to these issues. Implementation Utilize an appropriate mix of white-list and black-list parsing to filter special element syntax from all input. Relationships
Taxonomy Mappings
Applicable Platforms Languages All Time of Introduction Architecture and Design ImplementationContent History Submissions PLOVER. (Externally Mined) Modifications Eric Dalci. Cigital. 2008-07-01. (External) updated Time_of_Introduction CWE Content Team. MITRE. 2008-09-08. (Internal) updated Relationships, Taxonomy_Mappings Previous Entry Names Special Element Injection (changed 2008-04-11) |
|
|
|||