CWE-796 – Only Filtering Special Elements Relative to a Marker

Read Time:21 Second

Description

The software receives data from an upstream component, but only accounts for special elements positioned relative to a marker (e.g. “at the beginning/end of a string; the second argument”), thereby missing remaining special elements that may exist before sending it to a downstream component.

Modes of Introduction:

– Implementation

Likelihood of Exploit:

 

Related Weaknesses

CWE-795

 

Consequences

Integrity: Unexpected State

 

Potential Mitigations

CVE References