CWE-1174ASP.NET Misconfiguration: Improper Model Validation

PUBLISHEDweakness record
released 2019-01-03 · last modified 2025-12-11

Metadata

CWE ID:
CWE-1174
摘要:
Variant
结构:
Simple
状态:
Draft
发布日期:
2019-01-03
更新日期:
2025-12-11

名称

ASP.NET Misconfiguration: Improper Model Validation

描述

The ASP.NET application does not use, or incorrectly uses, the model validation framework.

常见后果

范围:
Integrity
影响:
Unexpected State
注释:
Unchecked input leads to cross-site scripting, process control, and SQL injection vulnerabilities, among others.

相关 CWE