Download
| Alert*
Improper Neutralization of Server-Side Includes (SSI) Within a Web Page
Description The software generates a web page, but does not neutralize or incorrectly neutralizes user-controllable input that could be interpreted as a server-side include (SSI) directive. Applicable PlatformsLanguage Class: All Time Of Introduction
Related Attack Patterns Common Consequences
Detection MethodsNone Potential Mitigations
RelationshipsThis can be resultant from XSS/HTML injection because the same special characters can be involved. However, this is server-side code execution, not client-side.
Demonstrative ExamplesNone White Box Definitions None Black Box Definitions None Taxynomy Mappings
References:None |