CWE-644

Overview
  • CWE ID
  • 644
  • CWE Name
  • Improper Neutralization of HTTP Headers for Scripting Syntax
  • CWE Abstraction
  • Variant
  • CWE structure
  • Simple
  • CWE Status
  • Incomplete
Description
The application does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers, such as Flash.
Extended Description
Related CWEs
CWE ID View ID Nature Ordinal
116 1000 ChildOf Primary