CWE-97 - Improper Neutralization of Server-Side Includes (SSI) Within a Web Page
The software generates a web page, but does not neutralize or incorrectly neutralizes user-controllable input that could be interpreted as a server-side include (SSI) directive.
