Read Time:17 Second
Description
The software generates a web page, but does not neutralize or incorrectly neutralizes user-controllable input that could be interpreted as a server-side include (SSI) directive.
Modes of Introduction:
– Architecture and Design
Likelihood of Exploit:
Related Weaknesses
Consequences
Confidentiality, Integrity, Availability: Execute Unauthorized Code or Commands
Potential Mitigations
CVE References