CWE-134
Use of Externally-Controlled Format String
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
Official CWE-134 definition at MITREImpactr finds and proves weaknesses like CWE-134 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist