Improper input validation
Improper input validation[1] or unchecked user input is a type of vulnerability in computer software that may be used for security exploits.[2] This vulnerability is caused when "[t]he product does not validate or incorrectly validates input that can affect the control flow or data flow of a program."[1]
Examples
Examples include:
- Buffer overflow
- Cross-site scripting
- Directory traversal
- Null byte injection
- SQL injection
- Uncontrolled format string
See also
- Input validation – Process of ensuring computer data is both correct and useful
- Common Weakness Enumeration – Catalog of software weaknesses and vulnerabilities (CWE)
References
- ^ a b "CWE-20: Improper Input Validation". Common Weakness Enumeration. MITRE. December 13, 2010. Retrieved February 22, 2011.
- ^ Erickson, Jon (2008). Hacking: the art of exploitation. No Starch Press Series (2, illustrated ed.). Safari Books Online. ISBN 978-1-59327-144-2.
External links
- "Input Validation". OWASP Cheat Sheet Series. Retrieved 2026-02-09.
- "Improper Data Validation". OWASP Foundation. Retrieved 2026-02-09.
 | This security software article is a stub. You can help Wikipedia by adding missing information. |
Content Disclaimer
Informasi ini disarikan dari Wikipedia dan disajikan kembali untuk tujuan edukasi. Konten tersedia di bawah lisensi CC BY-SA 3.0. Kami tidak bertanggung jawab atas ketidakakuratan data yang bersumber dari kontribusi publik tersebut.
- The information displayed on this website is sourced in part or in whole from Wikipedia and has been adapted for the purpose of restating it. We strive to provide accurate and relevant information, however:
- There is no guarantee of absolute accuracy. Wikipedia is an open, collaborative project that can be edited by anyone, so information is subject to change.
- It is not intended to constitute professional advice. The content displayed is for informational and educational purposes only. For important decisions (e.g., medical, legal, or financial), please consult a professional.
- Content copyright. Wikipedia is licensed under the Creative Commons Attribution-ShareAlike License (CC BY-SA). This means that content may be reused with appropriate attribution and shared under a similar license.
- Responsible use. Any risk arising from the use of information from this website is entirely the responsibility of the user.