CWE-81
Overview
- CWE ID
- 81
- CWE Name
- Improper Neutralization of Script in an Error Message Web Page
- CWE Abstraction
- Variant
- CWE structure
- Simple
- CWE Status
- Incomplete
Description
The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters that could be interpreted as web-scripting elements when they are sent to an error page.