Statements (13)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:bfsLayer |
6
|
| gptkbp:bfsParent |
gptkb:CWE-23
|
| gptkbp:category |
Code Quality
|
| gptkbp:example |
A web application that allows users to input Java Script code that is then executed on the server.
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-895
|
| gptkbp:impact |
Execution of arbitrary code
|
| gptkbp:investment |
gptkb:High
|
| gptkbp:is_described_as |
The software constructs code dynamically from user input, which can lead to unintended code execution.
|
| gptkbp:is_protected_by |
Validate and sanitize user inputs.
|
| gptkbp:is_referenced_in |
https://cwe.mitre.org/data/definitions/895.html
|
| gptkbp:name |
Improper Control of Generation of Code (' Code Injection')
|
| gptkbp:related_to |
Code Injection
|