Weakness

CWE-20: Improper Input Validation

Description

The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.


Extended Description

When software does not validate input properly, an attacker is able to craft the input in a form that is not expected by the rest of the application. This will lead to parts of the system receiving unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution.


Demonstrative Examples

N/A


Mitigations

N/A


Related Vulnerabilities


Related Weaknesses

Followers