CWE-103: Struts: Incomplete validate() Method Definition

ID CWE-103

Abstraction Variant

Structure Simple

Status Draft

The product has a validator form that either does not define a validate() method, or defines a validate() method but does not call super.validate().

If the code does not call super.validate(), the Validation Framework cannot check the contents of the form against a validation form. In other words, the validation framework will be disabled for the given form.

Modes of Introduction

Phase	Note
Implementation

Applicable Platforms

Type	Class	Name	Prevalence
Language		Java

Relationships

View			Weakness
# ID	View	Status	# ID	Name	Abstraction	Structure	Status
CWE-1000	Research Concepts	Draft	CWE-573	Improper Following of Specification by Caller	Class	Simple	Draft
CWE-700	Seven Pernicious Kingdoms	Incomplete	CWE-20	Improper Input Validation	Class	Simple	Stable