CWE-1174 - ASP.NET Misconfiguration: Improper Model Validation
- Abstraction:Variant
- Structure:Simple
- Status:Draft
- Release Date:2019-01-03
- Latest Modification Date:2023-06-29
Weakness Name
ASP.NET Misconfiguration: Improper Model Validation
Description
The ASP.NET application does not use, or incorrectly uses, the model validation framework.
Common Consequences
Scope: Integrity
Impact: Unexpected State
Notes: Unchecked input leads to cross-site scripting, process control, and SQL injection vulnerabilities, among others.