CAPEC - CAPEC-372: DEPRECATED: WASC-39 - XPath Injection (Version 3.9)


Common Attack Pattern Enumeration and Classification A Community Resource for Identifying and Understanding Attacks

Home > CAPEC List > CAPEC-372: DEPRECATED: WASC-39 - XPath Injection (Version 3.9)

CAPEC CATEGORY: DEPRECATED: WASC-39 - XPath Injection

Category ID: 372

Summary

This category is related to the WASC Threat Classification 2.0 item XPath Injection

Membership

Nature	Type	ID	Name
HasMember	Detailed Attack Pattern - A detailed level attack pattern in CAPEC provides a low level of detail, typically leveraging a specific technique and targeting a specific technology, and expresses a complete execution flow. Detailed attack patterns are more specific than meta attack patterns and standard attack patterns and often require a specific protection mechanism to mitigate actual attacks. A detailed level attack pattern often will leverage a number of different standard level attack patterns chained together to accomplish a goal.	83	XPath Injection

References

[REF-315] "WASC Threat Classification 2.0". WASC-39 - XPath Injection. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/XPath-Injection>.

Content History

More information is available — Please select a different filter.

Page Last Updated or Reviewed: December 17, 2020


	Site Map \| Terms of Use \| Manage Cookies \| Cookie Notice \| Privacy Policy \| Contact Us \| Use of the Common Attack Pattern Enumeration and Classification (CAPEC), and the associated references from this website are subject to the Terms of Use. CAPEC is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2007–2024, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation.