CWE-1063 – Creation of Class Instance within a Static Code Block
Description: A static code block creates an instance of a class. Modes of Introduction: Related Weaknesses CWE-1176 Consequences Other: Reduce Performance ...
CWE-1064 – Invokable Control Element with Signature Containing an Excessive Number of Parameters
Description: The software contains a function, subroutine, or method whose signature has an unnecessarily large number of parameters/arguments. Modes of Introduction: Related Weaknesses...
CWE-1065 – Runtime Resource Management Control Element in a Component Built to Run on Application Servers
Description: The application uses deployed components from application servers, but it also uses low-level functions/methods for management of resources, instead of the API provided by...
CWE-1004 – Sensitive Cookie Without ‘HttpOnly’ Flag
Description: The software uses a cookie to store sensitive information, but the cookie is not marked with the HttpOnly flag. The HttpOnly flag directs compatible...
CWE-1007 – Insufficient Visual Distinction of Homoglyphs Presented to User
Description: The software displays information or identifiers to a user, but the display mechanism does not make it easy for the user to distinguish between...
CWE-102 – Struts: Duplicate Validation Forms
Description: The application uses multiple validation forms with the same name, which might cause the Struts Validator to validate a form that the programmer does...
CWE-1021 – Improper Restriction of Rendered UI Layers or Frames
Description: The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead...
CWE-1022 – Use of Web Link to Untrusted Target with window.opener Access
Description: The web application produces links to untrusted external sites outside of its sphere of control, but it does not properly prevent the external site...
CWE-1023 – Incomplete Comparison with Missing Factors
Description: The software performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one...
CWE-1024 – Comparison of Incompatible Types
Description: The software performs a comparison between two entities, but the entities are of different, incompatible types that cannot be guaranteed to provide correct results...