CWE-180 - CERT CVE

CWE-180 - Incorrect Behavior Order: Validate Before Canonicalize

The software validates input before it is canonicalized, which prevents the software from detecting data that becomes invalid after the canonicalization step.

CAPEC ID Naziv
CAPEC-267 Leverage Alternate Encoding
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-71 Using Unicode Encoding to Bypass Validation Logic
CAPEC-78 Using Escaped Slashes in Alternate Encoding
CAPEC-79 Using Slashes in Alternate Encoding
CAPEC-80 Using UTF-8 Encoding to Bypass Validation Logic