CAPEC Related Weakness
Choosing a Message/Channel Identifier on a Public/Multicast Channel
CWE-201Information Exposure Through Sent Data
CWE-306Missing Authentication for Critical Function
Using Unpublished Web Service APIs
CWE-306Missing Authentication for Critical Function
CWE-693Protection Mechanism Failure
CWE-695Use of Low-Level Functionality
Manipulating Writeable Terminal Devices
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-306Missing Authentication for Critical Function
Cross Site Request Forgery (aka Session Riding)
CWE-306Missing Authentication for Critical Function
CWE-352
CWE-664Improper Control of a Resource Through its Lifetime
CWE-716
CWE-732Incorrect Permission Assignment for Critical Resource
Back to Top