VariantDraft

CWE-1174ASP.NET Misconfiguration: Improper Model Validation

Category: config

Description

The ASP.NET application does not use, or incorrectly uses, the model validation framework.

Common consequences· 1

  • Integrity — Unexpected State
    Unchecked input leads to cross-site scripting, process control, and SQL injection vulnerabilities, among others.

References

  1. https://cwe.mitre.org/data/definitions/1174.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
ASP.NET Misconfiguration: Not Using Input Validation Framework
CWE
ASP.NET Misconfiguration: Missing Custom Error Page
CWE
ASP.NET Misconfiguration: Password in Configuration File
CWE
Struts: Validator Turned Off
CWE
Struts: Incomplete validate() Method Definition
CWE
ASP.NET Misconfiguration: Use of Identity Impersonation
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.