CWE-236 - Improper Handling of Undefined Parameters

CWE ID:

CWE-236

Abstraction:Variant
Structure:Simple
Status:Draft

Release Date:2006-07-19
Latest Modification Date:2023-06-29

Weakness Name

Improper Handling of Undefined Parameters

Description

The product does not handle or incorrectly handles when a particular parameter, field, or argument name is not defined or supported by the product.

Common Consequences

Scope: Integrity

Impact: Unexpected State

Related Weaknesses

CWE-233Improper Handling of Parameters

Latest Security News

Latest CVE List

Common Alerts

HighLDAP Injection
HighAccess Control Issue - Improper Authorization
InformationalContent Security Policy (CSP) Report-Only Header Found
HighSQL Injection - MySQL
HighSQL Injection - MsSQL
HighExternal Redirect
LowServer Leaks Version Information via "Server" HTTP Response Header Field
MediumDirectory Browsing
InformationalObsolete Content Security Policy (CSP) Header Found
InformationalServer Leaks its Webserver Application via "Server" HTTP Response Header Field

Top CWE List