Categories

The product's intended functionality exposes information to certain actors in accordance with the developer's security policy, but this information is regarded as sensitive according to the intended security policies of other stakeholders such as the product's administrator, users, or others whose information is being processed.

The application uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism.

The web application does not filter user-controlled input for executable script disguised using doubling of the involved characters.

The web application uses the HTTP GET method to process a request and includes sensitive information in the query string of that requests.

The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.

The software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.

The application is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information.

The software creates a temporary file in a directory whose permissions allow unintended actors to determine the file's existence or otherwise access that file.

The software uses a database table that includes records that should not be accessible to an actor, but it executes a SQL statement with a primary key that can be controlled by that actor.

The software uses a reference count to manage a resource, but it does not update or incorrectly updates the reference count.