CWE-97

VariantDraft

Improper Neutralization of Server-Side Includes (SSI) Within a Web Page

The product generates a web page, but does not neutralize or incorrectly neutralizes user-controllable input that could be interpreted as a server-side include (SSI) directive.

5 linked vulnerabilities

1 related weaknesses

Confidentiality

Integrity

Availability

Execute Unauthorized Code or Commands

Modes of Introduction

Implementation

Related Weaknesses

CWE-96ChildOf

External Links

MITRE CWE Database