VariantDraft

CWE-110Struts: Validator Without Form Field

Category: other

Description

Validation fields that do not appear in forms they are associated with indicate that the validation logic is out of date.

Common consequences· 1

  • Other — Other
    It is critically important that validation logic be maintained and kept in sync with the rest of the application. Unchecked input is the root cause of some of today's worst and most common software security problems. Cross-site scripting, SQL injection, and process control vulnerabilities all stem from incomplete or absent input validation.

References

  1. https://cwe.mitre.org/data/definitions/110.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Struts: Unused Validation Form
CWE
Struts: Unvalidated Action Form
CWE
Struts: Incomplete validate() Method Definition
CWE
Struts: Form Bean Does Not Extend Validation Class
CWE
Struts: Plug-in Framework not in Use
CWE
Struts: Validator Turned Off
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.