CWE-625 - Permissive Regular Expression
CWE-625
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Permissive Regular Expression
- Description
The product uses a regular expression that does not sufficiently restrict the set of allowed values.
This effectively causes the regexp to accept substrings that match the pattern, which produces a partial comparison to the target. In some cases, this can lead to other weaknesses. Common errors include:
- Common Consequences
Scope: Access Control
Impact: Bypass Protection Mechanism
- Related Weaknesses
- Release Date:
- 2007-05-07
- Latest Modification Date:
- 2023-06-29
Free security scan for your website