Read Time:16 Second

Description

The ASP.NET application does not use an input validation framework.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-1173

 

Consequences

Integrity: Unexpected State

Unchecked input leads to cross-site scripting, process control, and SQL injection vulnerabilities, among others.

 

Potential Mitigations

Phase: Architecture and Design

Description: 

CVE References