CWE-107: Struts: Unused Validation Form

VariantDraft

An unused validation form indicates that validation logic is not up-to-date.

View on MITRE
Back to CWE Lookup

Extended Description

It is easy for developers to forget to update validation logic when they remove or rename action form mappings. One indication that validation logic is not being properly maintained is the presence of an unused validation form.

Technical Details

Structure
Simple

Applicable To

Languages
Java
Platforms

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-107

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references