HTTP Parameter Override
- Risk:
Medium
- Type:
- Passive
- CWE:
- CWE-20
- Summary
Unspecified form action: HTTP parameter override attack potentially possible. This is a known problem with Java Servlets but other platforms may also be vulnerable.
- Solution
All forms must specify the action URL.
Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws
US seizes $15 billion in crypto from 'pig butchering' kingpin
Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year
Oracles silently fixes zero-day exploit leaked by ShinyHunters
Microsoft warns that Windows 10 reaches end of support today
Security firms debate CVE credit in overlapping vulnerability reports
Secure Boot bypass risk threatens nearly 200,000 Linux Framework laptops
Chinese hackers abuse geo-mapping tool for year-long persistence
CVE-2025-27915 Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability
CVE-2025-61882 Oracle E-Business Suite Unspecified Vulnerability
CVE-2010-3765 Mozilla Multiple Products Remote Code Execution Vulnerability
CVE-2011-3402 Microsoft Windows Remote Code Execution Vulnerability
CVE-2013-3918 Microsoft Windows Out-of-Bounds Write Vulnerability
CVE-2021-43226 Microsoft Windows Privilege Escalation Vulnerability
CVE-2010-3962 Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability
CVE-2021-22555 Linux Kernel Heap Out-of-Bounds Write Vulnerability
CVE-2025-4008 Smartbedded Meteobridge Command Injection Vulnerability
Free online web security scanner