Categories

The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters that could be interpreted as web-scripting elements when they are sent to an error page.

The server contains a protection mechanism that assumes that any URI that is accessed using HTTP GET will not cause a state change to the associated resource. This might allow attackers to bypass intended access restrictions and conduct resource modification and deletion attacks, since some applications allow GET to modify state.

The software has two different sources of the same data or information, but it uses the source that has less support for verification, is less trusted, or is less resistant to attack.

The product receives a complex input with multiple elements or fields that must be consistent with each other, but it does not validate or incorrectly validates that the input is actually consistent.

The software contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock.

The software does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the software.

The software does not adequately filter user-controlled input for special elements with control implications.

The software does not mask passwords during entry, increasing the potential for attackers to observe and capture passwords.

Creating and using insecure temporary files can leave application and system data vulnerable to attack.

The code is structured in a way that relies too much on using or setting global variables throughout various points in the code, instead of preserving the associated information in a narrower, more local context.