...
Failing to validate user input may result in a Java application being seriously compromised. Information disclosure is possible, but most likely the attacker will be able to modify sensitive information, such as in the example above in which the attacker modifies the data in the price field. In certain cases, such as a table representing users and privileges, the attacker could be able to modify information about their user account that would allow them to run code with elevated privileges.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
FIO06 MSC36-J-J | medium | probable medium | high medium | P4 | L3 |
Related Vulnerabilities
...