Back to CWE list
CWE-554
ASP.NET Misconfiguration: Not Using Input Validation Framework
Variant
Draft
Description
The ASP.NET application does not use an input validation framework.
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Integrity
Impact
Unexpected State
Potential Mitigations
Architecture and Design
Use the ASP.NET validation framework to check all program input before it is processed by the application. Example uses of the validation framework include checking to ensure that: Phone number fields contain only valid characters in phone numbers Boolean values are only "T" or "F" Free-form strings are of a reasonable length and composition
Applicable Platforms
ASP.NET
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now