...
[Fortify 2008] "Input Validation and Representation: XML Injection"
[MITRE 2009] CWE ID 643 "Failure to Sanitize Data within XPath Expressions (aka 'XPath injection')"
[OWASP 2005] Testing for XPath Injection
[Sen 2007]
[Sun 2006] Ensure Data Security
...