Difference between revisions of "Struts: Unused Validation Form"
From OWASP
Weilin Zhong (talk | contribs) (Contents provided by Fortify.) |
|||
| Line 2: | Line 2: | ||
{{Template:Fortify}} | {{Template:Fortify}} | ||
| − | + | [[Category:FIXME|This is the text from the old template. This needs to be rewritten using the new template.]] | |
| + | |||
| + | Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}''' | ||
| + | |||
| + | [[ASDR_TOC_Vulnerabilities|Vulnerabilities Table of Contents]] | ||
| + | |||
| + | [[ASDR Table of Contents]] | ||
| + | __TOC__ | ||
| − | |||
==Description== | ==Description== | ||
| + | |||
| + | An unused validation form indicates that validation logic is not up-to-date. | ||
It is easy for developers to forget to update validation logic when they remove or rename action form mappings. One indication that validation logic is not being properly maintained is the presence of an unused validation form. | It is easy for developers to forget to update validation logic when they remove or rename action form mappings. One indication that validation logic is not being properly maintained is the presence of an unused validation form. | ||
| − | |||
| − | ==Related | + | ==Risk Factors== |
| + | |||
| + | TBD | ||
| + | |||
| + | ==Examples== | ||
| + | |||
| + | TBD | ||
| + | |||
| + | ==Related [[Attacks]]== | ||
| + | |||
| + | * [[Attack 1]] | ||
| + | * [[Attack 2]] | ||
| + | |||
| + | |||
| + | ==Related [[Vulnerabilities]]== | ||
| + | |||
| + | * [[Vulnerability 1]] | ||
| + | * [[Vulnerabiltiy 2]] | ||
| + | |||
| + | ==Related [[Controls]]== | ||
| + | |||
| + | * [[:Category:Input Validation]] | ||
| + | |||
| + | |||
| + | |||
| + | ==Related [[Technical Impacts]]== | ||
| + | |||
| + | * [[Technical Impact 1]] | ||
| + | * [[Technical Impact 2]] | ||
| + | |||
| − | == | + | ==References== |
| − | + | TBD | |
| − | |||
| − | + | __NOTOC__ | |
| − | |||
| + | [[Category:OWASP ASDR Project]] | ||
[[Category:Input Validation Vulnerability]] | [[Category:Input Validation Vulnerability]] | ||
[[Category:Struts]] | [[Category:Struts]] | ||
[[Category:Java]] | [[Category:Java]] | ||
[[Category:Implementation]] | [[Category:Implementation]] | ||
Revision as of 00:12, 1 October 2008
This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.
- This article includes content generously donated to OWASP by
Last revision (mm/dd/yy): 10/1/2008
Vulnerabilities Table of Contents
Contents
Description
An unused validation form indicates that validation logic is not up-to-date.
It is easy for developers to forget to update validation logic when they remove or rename action form mappings. One indication that validation logic is not being properly maintained is the presence of an unused validation form.
Risk Factors
TBD
Examples
TBD
Related Attacks
Related Vulnerabilities
Related Controls
Related Technical Impacts
References
TBD
