CWE-83

Overview
  • CWE ID
  • 83
  • CWE Name
  • Improper Neutralization of Script in Attributes in a Web Page
  • CWE Abstraction
  • Variant
  • CWE structure
  • Simple
  • CWE Status
  • Draft
Description
The software does not neutralize or incorrectly neutralizes "javascript:" or other URIs from dangerous attributes within tags, such as onmouseover, onload, onerror, or style.
Extended Description
Related CWEs
CWE ID View ID Nature Ordinal
79 1000 ChildOf Primary