This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Top 10 2010-A1-Injection"
From OWASP
| Line 1: | Line 1: | ||
{{Top_10_2010:TopTemplate|usenext=NextLink|next=-Broken Authentication and Session Management|useprev=PrevLink|prev=-Cross Site Request Forgery|usemain=MainLink|main=}} | {{Top_10_2010:TopTemplate|usenext=NextLink|next=-Broken Authentication and Session Management|useprev=PrevLink|prev=-Cross Site Request Forgery|usemain=MainLink|main=}} | ||
| − | {{Top_10_2010: | + | {{Top_10_2010:SubsectionTemplate|Am I Vulnerable to Injection?| |
blah | blah | ||
blah | blah | ||
Revision as of 20:43, 13 April 2010
NOTE: THIS IS NOT THE LATEST VERSION. Please visit the OWASP Top 10 project page to find the latest edition.
Am I Vulnerable to Injection?
blah blah blah more and more yada yada yad blah blah blah more and more yada yada yad blah blah blah more and more yada yada yad blah blah blah more and more yada yada yad blah blah blah more and more yada yada yad blah blah blah more and more yada yada yad blah blah blah more and more yada yada yad
Example Attack Scenario
How Do I Prevent XSS?
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4899
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3389
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0580
Related Articles
References
- CWE: CWE-200 (Information Leak), CWE-203 (Discrepancy Information Leak), CWE-215 (Information Leak Through Debug Information), CWE-209 (Error Message Information Leak), others.
- WASC Threat Classification:
