Tag Archives: CWE- 1174

CWE-1174 – ASP.NET Misconfiguration: Improper Model Validation

Read Time:15 Second

Description

The ASP.NET application does not use, or incorrectly uses, the model validation framework.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-1173

 

Consequences

Integrity: Unexpected State

Unchecked input leads to cross-site scripting, process control, and SQL injection vulnerabilities, among others.

 

Potential Mitigations

CVE References