CWE-1289: Improper Validation of Unsafe Equivalence in Input

Description

The product receives an input value that is used as a resource identifier or other type of reference, but it does not validate or incorrectly validates that the input is equivalent to a potentially-unsafe value.

Submission Date: June 24, 2020, midnight

Modification Date: 2023-06-29 00:00:00+00:00

Organization: MITRE

Extended Description

Attackers can sometimes bypass input validation schemes by finding inputs that appear to be safe, but will be dangerous when processed at a lower layer or by a downstream component. For example, a simple XSS protection mechanism might try to validate that an input has no "
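
The weakness described in this entry, shown as an added example that is not part of the CWE record: a deny-list check on a resource identifier, applied once to the raw input and once after canonicalization. The blocked paths, the function names and the downstream behaviour (one percent-decode, Unicode compatibility folding, path normalization, case-insensitive matching) are assumptions made for illustration.

```python
import posixpath
import unicodedata
from urllib.parse import unquote

# Constructed policy: identifiers that must never be served (assumption).
BLOCKED = {"/admin", "/internal/config"}

def naive_is_allowed(path: str) -> bool:
    """Weak check: compares the raw input against the deny-list."""
    return path not in BLOCKED

def canonicalize(path: str) -> str:
    """Reduce a path to the single form the downstream layer would act on.

    Assumes the downstream component percent-decodes once, applies Unicode
    compatibility folding, collapses '.', '..' and repeated slashes, and
    matches names case-insensitively.
    """
    decoded = unquote(path)
    if "%" in decoded or "\x00" in decoded:
        # Residual encoding or NUL: refuse rather than guess at a second decode.
        raise ValueError("ambiguous encoding")
    folded = unicodedata.normalize("NFKC", decoded).casefold()
    return posixpath.normpath("/" + folded.lstrip("/"))

def strict_is_allowed(path: str) -> bool:
    """Hardened check: canonicalize first, then compare; fail closed."""
    try:
        canon = canonicalize(path)
    except ValueError:
        return False
    return not any(canon == b or canon.startswith(b + "/") for b in BLOCKED)

# Constructed sample inputs: the literal value and forms equivalent to it.
SAMPLES = ["/admin", "/Admin", "/%61dmin", "/./admin", "//admin/",
           "/public/../admin", "/%2561dmin", "/reports"]

def compare() -> dict:
    """Map each sample to (naive verdict, strict verdict)."""
    return {s: (naive_is_allowed(s), strict_is_allowed(s)) for s in SAMPLES}

if __name__ == "__main__":
    for s, (naive, strict) in compare().items():
        print(f"{s!r:22} naive={naive!s:5} strict={strict}")
```

The naive check rejects only the literal `/admin`; the strict check rejects every equivalent form and still allows `/reports`. Where the resource set is known in advance, an allow-list applied to the canonical form is the stronger design.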
