But this code will happily parse image tags, HTML markup, JavaScript, or any other commands an attacker may wish to send. The following picture demonstrates a remote image being loaded into the page at the request of the attacker:

[Figure: a remote image loaded into the rendered page at the attacker's request]

In this case, the trust boundary exists between the untrusted data and the CGI script, whereas the trusted domain is the web browser—or rather the HTML parsing and rendering engine within the web browser.
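As an added illustration of that trust boundary (this is not code from the page or from the standard it belongs to), the following Perl CGI script shows the reflected-output mistake beside a whitelist-validated, HTML-encoded version. The "name" parameter, the 400 response and the CPAN modules CGI and HTML::Entities are assumptions; note that -T alone does not catch this class of bug, because taint checks guard system calls and file operations, not print().

```perl
#!/usr/bin/perl -T
# Added example, not the page's own code. Run under taint mode (perl -T) as a
# CGI script; the "name" query parameter is an assumed input.
use strict;
use warnings;
use CGI qw(param header);
use HTML::Entities qw(encode_entities);

my $name = param('name') // '';

# Noncompliant (the behaviour described in the text): the tainted parameter
# is written straight into the response, so <img src=...>, <script> or any
# other markup the requester supplies is handed to the browser's HTML parser.
# Taint mode does not flag this line: printing tainted data is permitted.
#   print header(), "<p>Hello, $name</p>\n";

# Compliant: accept only an expected character class. The capture untaints
# the value only when the whole string matches; anything else is rejected
# rather than "cleaned up" (an assumed 400 response, for illustration).
my ($safe) = $name =~ /\A([A-Za-z0-9 _.-]{1,64})\z/
    or do { print header(-status => 400), "Invalid name\n"; exit };

# Defence in depth: HTML-encode even the validated value so characters with
# markup meaning (<, >, &, quotes) never reach the HTML parser unencoded.
print header(), "<p>Hello, ", encode_entities($safe), "</p>\n";
```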


Tool         Diagnostic                                                        Notes
Taint mode   Insecure dependency in parameter \d* of DBI::db=.* method call    Catches SQL injection. Requires TaintIn attribute.

Related Guidelines

Bibliography
