CWE-183
Permissive List of Allowed Inputs
The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are explicitly allowed by policy because the inputs are assumed to be safe, but the list is too permissive - that is, it allows an input that is unsafe, leading to resultant weaknesses.
Official CWE-183 definition at MITREImpactr finds and proves weaknesses like CWE-183 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist