Read Time:22 Second
Description
Automatic filtering via a Struts bean has been turned off, which disables the Struts Validator and custom validation logic. This exposes the application to other weaknesses related to insufficient input validation.
Modes of Introduction:
– Implementation
Related Weaknesses
Consequences
Access Control: Bypass Protection Mechanism
Potential Mitigations
Phase: Implementation
Description:
Ensure that an action form mapping enables validation. Set the validate field to true.