...
Validating input before removing or modifying characters in the input string can allow malicious input to bypass validation checks.
Rule | Severity | Likelihood | Detectable | RepairableRemediation Cost | Priority | Level |
|---|---|---|---|---|---|---|
IDS11-J | High | Probable | No | NoMedium | P12P6 | L1L2 |
Automated Detection
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| The Checker Framework |
| Tainting Checker | Trust and security errors (see Chapter 8) | ||||||
| Parasoft Jtest |
| CERT.IDS11.VPPD | Validate all dangerous data |
...