Read Time:22 Second
Description
The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.
Modes of Introduction:
– Implementation
Related Weaknesses
Consequences
Other: Varies by Context
Potential Mitigations
Phase: Implementation
Effectiveness: High
Description:
CVE References
- CVE-2008-2223
- SQL injection through an ID that was supposed to be numeric.