CQE-9095: File Upload Control

 
File Upload Control
Practice ID: 9095 Maturity: Preliminary
+ Description

Description Summary

File Upload Control

Extended Description

Software unaware of file upload control incurs the risk of arbitrary code execution or other unexpected behaviors based on the type, extension, or other properties of the uploaded file.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9017Arbitrary Code Execution
Default Graph (primary)9001
ParentOf
Is
Issue
434File Upload Improper Input Neutralization
Quality Issues Organized by Practices (primary)9002
Page Last Updated or Reviewed: October 01, 2017