Cornucopia - Ecommerce Website - AZ Q
Christopher can inject a command that the application will run at a higher privilege level.
Firstly apply appropriate input validation and encoding. In cases where the application must run with elevated privileges, raise privileges as late as possible, and drop them as soon as possible.
|OWASP SCP||OWASP ASVS||OWASP AppSensor||CAPEC||SAFECODE|