CWE-472

Overview

CWE ID
472

CWE Name
External Control of Assumed-Immutable Web Parameter

CWE Abstraction
Base

CWE structure
Simple

CWE Status
Draft

Description

The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.

Extended Description

Related CWEs

CWE ID	View ID	Nature	Ordinal
642	1000	ChildOf	Primary
471	1000	ChildOf

Related CVEs

CVE
CVE-2021-1295
CVE-2021-1294
CVE-2021-1293
CVE-2021-1292
CVE-2021-1291
CVE-2021-1290
CVE-2021-1289
CVE-2022-30597
CVE-2021-27770
CVE-2020-1765
CVE-2023-24373
CVE-2023-28512
CVE-2023-38520
CVE-2024-22049
CVE-2024-25153
CVE-2023-38520
CVE-2024-22049
CVE-2024-25153
CVE-2024-6010
CVE-2024-9123
CVE-2024-9123
CVE-2024-9123
CVE-2024-9123
CVE-2024-9123
CVE-2024-9123
CVE-2024-9123
CVE-2024-9123
CVE-2024-9123
CVE-2024-9123
CVE-2024-9123