CWE-554β€”ASP.NET Misconfiguration: Not Using Input Validation Framework

PUBLISHEDweakness record
released 2006-07-19 Β· last modified 2023-06-29

Metadata

CWE ID:
CWE-554
Abstraction:
Variant
Structure:
Simple
Status:
Draft
Release Date:
2006-07-19
Latest Modification Date:
2023-06-29

Weakness Name

ASP.NET Misconfiguration: Not Using Input Validation Framework

Description

The ASP.NET application does not use an input validation framework.

Common Consequences

Scope:
Integrity
Impact:
Unexpected State
Notes:
Unchecked input leads to cross-site scripting, process control, and SQL injection vulnerabilities, among others.

Related Weaknesses