CWE-602 - CERT CVE

CWE-602 - Client-Side Enforcement of Server-Side Security

The software is composed of a server that relies on the client to implement a mechanism that is intended to protect the server.

CAPEC ID Naziv
CAPEC-162 Manipulating Hidden Fields
CAPEC-202 Create Malicious Client
CAPEC-207 Removing Important Client Functionality
CAPEC-208 Removing/short-circuiting 'Purse' logic: removing/mutating 'cash' decrements
CAPEC-21 Exploitation of Trusted Identifiers
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-383 Harvesting Information via API Event Monitoring
CAPEC-384 Application API Message Manipulation via Man-in-the-Middle
CAPEC-385 Transaction or Event Tampering via Application API Manipulation
CAPEC-386 Application API Navigation Remapping
CAPEC-387 Navigation Remapping To Propagate Malicious Content
CAPEC-388 Application API Button Hijacking