CWE-141 - Improper Neutralization of Parameter/Argument Delimiters

CWE ID:

CWE-141

Abstraction:Variant
Structure:Simple
Status:Draft

Release Date:2006-07-19
Latest Modification Date:2023-06-29

Weakness Name

Improper Neutralization of Parameter/Argument Delimiters

Description

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as parameter or argument delimiters when they are sent to a downstream component.

As data is parsed, an injected/absent/malformed delimiter may cause the process to take unexpected actions.

Common Consequences

Scope: Integrity

Impact: Unexpected State

Related Weaknesses

CWE-140Improper Neutralization of Delimiters

Top Security News

Top CVE List

Top Alert List

CSP
Content Security Policy (CSP) Header Not Set
MediumAbsence of Anti-CSRF Tokens
MediumMissing Anti-clickjacking Header
InformationalInformation Disclosure - Suspicious Comments
LowCross-Domain JavaScript Source File Inclusion
MediumContent Security Policy (CSP) Header Not Set
LowTimestamp Disclosure - Unix
LowCSP: X-Content-Security-Policy
InformationalRe-examine Cache-control Directives