...
Logging unsanitized user input can also result in leaking sensitive data across a trust boundary, or storing sensitive data in a manner that violates local law or regulation. For example, if a user can inject an unencrypted credit card number into a log file, the system could violate PCI DSS regulations [PCI 2010]. See rule IDS00-J. Sanitize untrusted data passed across a trust boundary for more details on input sanitization.
...
This compliant solution sanitizes the username input before logging it, preventing injection attacks. Refer to rule IDS00-J. Sanitize untrusted data passed across a trust boundary for more details on input sanitization.
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="7a6b5e7084616606-b56c413f-45b64ae3-b17a80c2-c6565305f85be99bcd64bfd8"><ac:plain-text-body><![CDATA[ | [ISO/IEC TR 24772:2010 | http://www.aitcnet.org/isai/] | Injection [RST] | ]]></ac:plain-text-body></ac:structured-macro> |
CWE-144. Improper neutralization of line delimiters | ||||
| CWE-150. Improper neutralization of escape, meta, or control sequences |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="6f6e30dcd11e74d9-8ae60bf3-4df34eb6-80ccb3cd-aa9f33b15726ceda4e7cfa93"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="aa3dad2820d5fb8a-781f3fc0-42c74acf-b2aabb5c-41cdfe9c8ff074a9e7410bfe"><ac:plain-text-body><![CDATA[ | [[OWASP 2008 | AA. Bibliography#OWASP 08]] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="1e09cda43f2c2883-86a61d99-4f414a7e-89859ab1-cb5068e0d8312ed7c0f5f84d"><ac:plain-text-body><![CDATA[ | [[PCI DSS Standard | https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml]] | ]]></ac:plain-text-body></ac:structured-macro> |
...