CWE-450 – Multiple Interpretations of UI Input
Description The UI has multiple interpretations of user input but does not prompt the user when it selects the less secure interpretation. Modes of Introduction:...
CWE-45 – Path Equivalence: ‘file…name’ (Multiple Internal Dot)
Description A software system that accepts path input in the form of multiple internal dot ('file...dir') without appropriate validation can lead to ambiguous path resolution...
CWE-449 – The UI Performs the Wrong Action
Description The UI performs the wrong action with respect to the user's request. Modes of Introduction: - Implementation Related Weaknesses CWE-446 Consequences...
CWE-448 – Obsolete Feature in UI
Description A UI function is obsolete and the product does not warn the user. Modes of Introduction: - Implementation Related Weaknesses CWE-446 ...
CWE-447 – Unimplemented or Unsupported Feature in UI
Description A UI function for a security feature appears to be supported and gives feedback to the user that suggests that it is supported, but...
CWE-446 – UI Discrepancy for Security Feature
Description The user interface does not correctly enable or configure a security feature, but the interface provides feedback that causes the user to believe that...
CWE-444 – Inconsistent Interpretation of HTTP Requests (‘HTTP Request Smuggling’)
Description When malformed or abnormal HTTP requests are interpreted by one or more entities in the data flow between the user and the web server,...
CWE-443 – DEPRECATED: HTTP response splitting
Description This weakness can be found at CWE-113. Modes of Introduction: Related Weaknesses Consequences Potential Mitigations CVE References
CWE-441 – Unintended Proxy or Intermediary (‘Confused Deputy’)
Description The product receives a request, message, or directive from an upstream component, but the product does not sufficiently preserve the original source of the...
CWE-440 – Expected Behavior Violation
Description A feature, API, or function does not perform according to its specification. Modes of Introduction: - Architecture and Design Related Weaknesses CWE-684...