Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

IDS14-J. Do not trust the contents of hidden form fields

Created by David Svoboda, last modified by Fred Long on Aug 12, 2014

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

This rule is a stub. It is also an instance of the guideline IDS00-J. Sanitize untrusted data passed across a trust boundary.

Noncompliant Code Example

This noncompliant code example shows an example where ...

Compliant Solution

In this compliant solution, ...

Risk Assessment

Trusting the contents of hidden form fields may lead to all sorts of nasty things.

Rule	Severity	Likelihood	Remediation Cost	Priority	Level
IDS14-J	High	Probable	High	P6	L2

Automated Detection

TBD

Bibliography

Fortify Diagnostic

No labels