CWE-184
Incomplete List of Disallowed Inputs
The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.
Official CWE-184 definition at MITREImpactr finds and proves weaknesses like CWE-184 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist