CAPEC-73: User-Controlled Filename
ID
CAPEC-73
Typical Severity
High
Likelihood Of Attack
High
Status
Draft
An attack of this type involves an adversary inserting malicious characters (such as a XSS redirection) into a filename, directly or indirectly that is then used by the target software to generate HTML text or other potentially executable content. Many websites rely on user-generated content and dynamically build resources like files, filenames, and URL links directly from user supplied data. In this attack pattern, the attacker uploads code that can execute in the client browser and/or redirect the client browser to a site that the attacker owns. All XSS attack payload variants can be used to pass and exploit these vulnerabilities.
Weaknesses
# ID | Name | Type |
---|---|---|
CWE-20 | Improper Input Validation | weakness |
CWE-86 | Improper Neutralization of Invalid Characters in Identifiers in Web Pages | weakness |
CWE-96 | Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') | weakness |
CWE-116 | Improper Encoding or Escaping of Output | weakness |
CWE-184 | Incomplete List of Disallowed Inputs | weakness |
CWE-348 | Use of Less Trusted Source | weakness |
CWE-350 | Reliance on Reverse DNS Resolution for a Security-Critical Action | weakness |
CWE-697 | Incorrect Comparison | weakness |