Detailedlikelihood: Lowseverity: HighStable

CAPEC-146XML Schema Poisoning

Abstraction
Detailed
Status
Stable
Likelihood
Low
Severity
High

Description

An adversary corrupts or modifies the content of XML schema information passed between a client and server for the purpose of undermining the security of the target. XML Schemas provide the structure and content definitions for XML documents. Schema poisoning is the ability to manipulate a schema either by replacing or modifying it to compromise the programs that process documents that use this schema.

Related weaknesses· 2

CWE-15CWE-472

Related attack patterns· 1

CAPEC-271 (ChildOf)

Exploits2

TypeTargetConfidenceTier
WeaknessExternal Control of Assumed-Immutable Web Parametercwe-472100%live
WeaknessExternal Control of System or Configuration Settingcwe-15100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Schema Poisoning
CAPEC
XML Injection
CAPEC
Poison Web Service Registry
CAPEC
SOAP Manipulation
CAPEC
Cache Poisoning
CAPEC
Data Interchange Protocol Manipulation
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.