An adversary exploits weaknesses in input validation by manipulating resource identifiers enabling the unintended modification or specification of a resource.
The target application allows the user to both specify the identifier used to access a system resource. Through this permission, the user gains the capability to perform actions on that resource (e.g., overwrite the file)
Typical Likelihood of Exploit
Solutions and Mitigations
Ensure all input content that is delivered to client is sanitized against an acceptable content specification.
More information is available — Please select a different filter.
Page Last Updated or Reviewed:
August 04, 2017
Use of the Common Attack Pattern Enumeration and Classification dictionary and classification taxonomy, and the associated references from this website, are subject to the