CWE-104

Struts: Form Bean Does Not Extend Validation Class

Variant

Draft

Description

If a form bean does not extend an ActionForm subclass of the Validator framework, it can expose the application to other weaknesses related to insufficient input validation.

Parent Weaknesses (ChildOf)

CWE-20: Improper Input Validation...

CWE-573: Improper Following of Specific...

Common Consequences

Scope

Other

Impact

Other

Scope

Confidentiality

Integrity

Availability

Other

Impact

Other

Potential Mitigations

Implementation

Ensure that all forms extend one of the Validation Classes.

Applicable Platforms

Java

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CWE-104

Struts: Form Bean Does Not Extend Validation Class

Description

Relationships

Common Consequences

Potential Mitigations

Applicable Platforms