...
This noncompliant code example may also violate rule ERR06ERR01-J. Do not allow exceptions to expose sensitive information if the information contained in the exceptions is considered sensitive.
...
describes a vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16. When a | ||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="6a8eb93d0f55e634-09d2205b-45e243be-bc2ca624-9c328c65026c1c6e54379b7d"><ac:plain-text-body><![CDATA[ | [ISO/IEC TR 24772:2010 | http://www.aitcnet.org/isai/] | "Injection [RST]" | ]]></ac:plain-text-body></ac:structured-macro> |
CWE-116, "Improper Encoding or Escaping of Output" |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="e5cc937996a07b7e-7f0d4e18-4f814c50-9fa4a895-c0a29cc99b22b7086323a7c7"><ac:plain-text-body><![CDATA[ | [[OWASP 2005 | AA. Bibliography#OWASP 05]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="66ff7ff1abbb7f1b-6a3b3b52-428740ca-b5d4b997-374eec89b2d1a41c2f59479d"><ac:plain-text-body><![CDATA[ | [[OWASP 2007 | AA. Bibliography#OWASP 07]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2a6d119dc774cea7-9ce0083e-4ca449ee-acefac30-076b35beceac5254b3b31eec"><ac:plain-text-body><![CDATA[ | [[OWASP 2008 | AA. Bibliography#OWASP 08]] | [Testing for XML Injection (OWASP-DV-008) | https://www.owasp.org/index.php/Testing_for_XML_Injection_%28OWASP-DV-008%29] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="66f0f74b8a2493ab-8c89b28e-4a4842c8-99c7922e-0df1e8e86954ec22df19fe9d"><ac:plain-text-body><![CDATA[ | [[W3C 2008 | AA. Bibliography#W3C 08]] | 4.4.3 Included If Validating | ]]></ac:plain-text-body></ac:structured-macro> |
...