CWE-579
J2EE Bad Practices: Non-serializable Object Stored in Session
The product stores a non-serializable object as an HttpSession attribute, which can hurt reliability.
Official CWE-579 definition at MITREImpactr finds and proves weaknesses like CWE-579 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist