|
|
|
|
CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) | |
| | Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) |
|
| Weakness ID: 75 (Weakness Class) | | Status: Draft |
 Description
Description Summary The software fails to adequately filter user-controlled input
for special elements with control implications.
Time of Introduction
- Architecture and Design
- Implementation
Potential Mitigations | Phase | Description |
|---|
| Requirements specification: Programming languages and supporting
technologies might be chosen which are not subject to these
issues. |
Implementation | Utilize an appropriate mix of white-list and black-list parsing to
filter special element syntax from all input. |
Relationships Taxonomy Mappings | Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
|---|
| PLOVER | | | Special Element Injection |
Content History | Submissions |
|---|
| Submission Date | Submitter | Organization | Source |
|---|
| PLOVER | | Externally Mined | | | Modifications |
|---|
| Modification Date | Modifier | Organization | Source |
|---|
| 2008-07-01 | Eric Dalci | Cigital | External | | updated Time of Introduction | | 2008-09-08 | CWE Content Team | MITRE | Internal | | updated Relationships,
Taxonomy Mappings |
|
