CWE-554ASP.NET Misconfiguration: Not Using Input Validation Framework

PUBLISHEDweakness record
released 2006-07-19 · last modified 2023-06-29

Metadata

CWE ID:
CWE-554
摘要:
Variant
结构:
Simple
状态:
Draft
发布日期:
2006-07-19
更新日期:
2023-06-29

名称

ASP.NET Misconfiguration: Not Using Input Validation Framework

描述

The ASP.NET application does not use an input validation framework.

常见后果

范围:
Integrity
影响:
Unexpected State
注释:
Unchecked input leads to cross-site scripting, process control, and SQL injection vulnerabilities, among others.

相关 CWE