Page History

...

Compliant Solution

This compliant solution sanitizes just validates the username input before logging it, preventing injection attacks. Refer to rule IDS00-J. Sanitize untrusted data passed across a trust boundary for more details on input sanitization.

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="6233782dc3a4ae5d-69e416c7-49a149fe-af0f9d7b-d2a19aba0aa2f91837f5c11f"><ac:plain-text-body><![CDATA[	[ISO/IEC TR 24772:2010	http://www.aitcnet.org/isai/]	Injection [RST]	]]></ac:plain-text-body></ac:structured-macro>
MITRE CWE	CWE-144. Improper neutralization of line delimiters
	CWE-150. Improper neutralization of escape, meta, or control sequences

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="7223b5e2ee64fdd7-c868a74e-48244847-8398a037-030a537624a2e1f10406a720"><ac:plain-text-body><![CDATA[	[[API 2006	AA. References#API 06]]	]]></ac:plain-text-body></ac:structured-macro>
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="c848dcbbc9d2688b-fe6da505-455b42f8-8fb08e40-7717cd4816f64c86ee239a13"><ac:plain-text-body><![CDATA[	[[OWASP 2008	AA. References#OWASP 08]]	]]></ac:plain-text-body></ac:structured-macro>
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="beb539bec56034f5-3bb6e90d-466c4010-890caad8-140dd908d513e7f7d288c05d"><ac:plain-text-body><![CDATA[	[[PCI DSS Standard	https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml]]	]]></ac:plain-text-body></ac:structured-macro>

...