CWE-109 - Struts: Validator Turned Off
- Abstraction:Variant
- Structure:Simple
- Status:Draft
- Release Date:2006-07-19
- Latest Modification Date:2023-06-29
Weakness Name
Struts: Validator Turned Off
Description
Automatic filtering via a Struts bean has been turned off, which disables the Struts Validator and custom validation logic. This exposes the application to other weaknesses related to insufficient input validation.
Common Consequences
Scope: Access Control
Impact: Bypass Protection Mechanism