CWE-181 - CERT CVE

CWE-181 - Incorrect Behavior Order: Validate Before Filter

The software validates data before it has been filtered, which prevents the software from detecting data that becomes invalid after the filtering step.

CAPEC ID Naziv
CAPEC-120 Double Encoding
CAPEC-267 Leverage Alternate Encoding
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-78 Using Escaped Slashes in Alternate Encoding
CAPEC-79 Using Slashes in Alternate Encoding
CAPEC-80 Using UTF-8 Encoding to Bypass Validation Logic