Validation performed in client
This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.
- Unvalidated input corrupts business logic (XSS, injection, etc...)
- Design phase
- Languages: any
- Operating platforms: any
Very high -- allows malicious input to be used in business logic.
Likelihood of exploit
Avoidance and mitigation
Validation must be performed in the business layer.