CWE-83
Overview
- CWE ID
- 83
- CWE Name
- Improper Neutralization of Script in Attributes in a Web Page
- CWE Abstraction
- Variant
- CWE structure
- Simple
- CWE Status
- Draft
Description
The software does not neutralize or incorrectly neutralizes "javascript:" or other URIs from dangerous attributes within tags, such as onmouseover, onload, onerror, or style.
Extended Description
Related CWEs
CWE ID | View ID | Nature | Ordinal |
---|---|---|---|
79 | 1000 | ChildOf | Primary |