CWE-610: Externally Controlled Reference to a Resource in Another Sphere

Description

The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.

Submission Date :

May 7, 2007, midnight

Modification Date :

2023-10-26 00:00:00+00:00

Organization :

MITRE

Related Weaknesses

This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.

CWE-15: External Control of System or Configuration Setting
Go to
CWE-73: External Control of File Name or Path
Go to
CWE-384: Session Fixation
Go to
CWE-386: Symbolic Name not Mapping to Correct Object
Go to
CWE-441: Unintended Proxy or Intermediary ('Confused Deputy')
Go to
CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Go to
CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
Go to
CWE-611: Improper Restriction of XML External Entity Reference
Go to
CWE-664: Improper Control of a Resource Through its Lifetime
Go to
CWE-918: Server-Side Request Forgery (SSRF)
Go to
CWE-1021: Improper Restriction of Rendered UI Layers or Frames
Go to

Visit http://cwe.mitre.org/ for more details.

© cvefeed.io
Latest DB Update: Nov. 21, 2024 13:29