CWE-97 - Improper Neutralization of Server-Side Includes (SSI) Within a Web Page
CWE-97
- Abstraction:
- Variant
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Improper Neutralization of Server-Side Includes (SSI) Within a Web Page
- Description
The product generates a web page, but does not neutralize or incorrectly neutralizes user-controllable input that could be interpreted as a server-side include (SSI) directive.
- Common Consequences
Scope: Confidentiality, Integrity, Availability
Impact: Execute Unauthorized Code or Commands
- Related Weaknesses
- Related Alerts
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website