A Community-Developed Dictionary of Software Weakness Types
Technical Impact: Modify application
data; Execute unauthorized code or
Programming languages and supporting technologies might be chosen
which are not subject to these issues.
Utilize an appropriate mix of white-list and black-list parsing to
filter special element syntax from all input.
Use of the Common Weakness Enumeration and the associated references from this website are subject to the
CWE is sponsored by
US-CERT in the office of
Cybersecurity and Communications at the
U.S. Department of Homeland Security. Copyright © 2006-2015, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of
The MITRE Corporation.