Standardlikelihood: Highseverity: HighDraft

CAPEC-73User-Controlled Filename

Abstraction
Standard
Status
Draft
Likelihood
High
Severity
High

Description

An attack of this type involves an adversary inserting malicious characters (such as a XSS redirection) into a filename, directly or indirectly that is then used by the target software to generate HTML text or other potentially executable content. Many websites rely on user-generated content and dynamically build resources like files, filenames, and URL links directly from user supplied data. In this attack pattern, the attacker uploads code that can execute in the client browser and/or redirect the client browser to a site that the attacker owns. All XSS attack payload variants can be used to pass and exploit these vulnerabilities.

Related weaknesses· 8

CWE-20CWE-184CWE-96CWE-348CWE-116CWE-350CWE-86CWE-697

Related attack patterns· 2

CAPEC-165 (ChildOf)CAPEC-592 (CanPrecede)

Exploits8

TypeTargetConfidenceTier
WeaknessImproper Neutralization of Invalid Characters in Identifiers in Web Pagescwe-86100%live
WeaknessImproper Input Validationcwe-20100%live
WeaknessReliance on Reverse DNS Resolution for a Security-Critical Actioncwe-350100%live
WeaknessImproper Neutralization of Directives in Statically Saved Code ('Static Code Injection')cwe-96100%live
WeaknessImproper Encoding or Escaping of Outputcwe-116100%live
WeaknessUse of Less Trusted Sourcecwe-348100%live
WeaknessIncorrect Comparisoncwe-697100%live
WeaknessIncomplete List of Disallowed Inputscwe-184100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Passing Local Filenames to Functions That Expect a URL
CAPEC
XSS Targeting URI Placeholders
CAPEC
XSS Through HTTP Query Strings
CAPEC
Cross-Site Scripting (XSS)
CAPEC
Manipulating Web Input to File System Calls
CAPEC
XSS Through HTTP Headers
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.