CWE-84
Improper Neutralization of Encoded URI Schemes in a Web Page
The web application improperly neutralizes user-controlled input for executable script disguised with URI encodings.
Official CWE-84 definition at MITREImpactr finds and proves weaknesses like CWE-84 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist