Oracle Vulnerabilities - Insufficient Input Validation
Summary:
It is recommended to:
• Ensure that the application validates all headers, cookies, query strings, form fields, and hidden fields (i.e., all affected parameters) against a rigorous specification at both server and client side.
• Restrict input to a whitelist of necessary characters; characters such as “; , ‘” should absolutely be excluded.
• Prevent various UTF-8 encodings by enforcing a character set on the HTML page, using the charset attribute in the “meta” HTML tag. Valid characters should generally be correctly encoded before they are displayed back to users, by replacing individual characters with their HTML-encoded equivalents. e.g.
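
The server-side half of these recommendations can be sketched as follows. This is an added example, not code from the original page: the field names, patterns and length limits in `FIELD_SPEC` are assumptions, and the sample inputs are constructed.

```python
import html
import re

# Hypothetical per-field specification: each parameter gets its own
# allow-list pattern and maximum length (names and rules are assumptions).
FIELD_SPEC = {
    "username": (re.compile(r"[A-Za-z0-9_.-]+"), 32),
    "order_id": (re.compile(r"[0-9]+"), 10),
    "comment":  (re.compile(r"[A-Za-z0-9 .!?()-]+"), 200),
}


class ValidationError(ValueError):
    pass


def validate(field: str, raw: bytes) -> str:
    """Return the decoded value if it meets the spec, else raise."""
    if field not in FIELD_SPEC:
        raise ValidationError(f"unexpected parameter: {field}")
    pattern, max_len = FIELD_SPEC[field]
    try:
        # Strict decoding rejects overlong and otherwise malformed UTF-8.
        value = raw.decode("utf-8", errors="strict")
    except UnicodeDecodeError as exc:
        raise ValidationError(f"{field}: invalid UTF-8") from exc
    if not 0 < len(value) <= max_len:
        raise ValidationError(f"{field}: bad length")
    if not pattern.fullmatch(value):
        raise ValidationError(f"{field}: character outside allow-list")
    return value


def render_comment(value: str) -> str:
    """HTML-encode on output, with the page charset fixed by the meta tag."""
    return ('<meta charset="utf-8">'
            f"<p>{html.escape(value, quote=True)}</p>")


if __name__ == "__main__":
    # Constructed sample inputs.
    samples = [("username", b"alice_01"), ("order_id", b"12;34"),
               ("comment", b"\xc0\xbcscript\xc0\xbe"), ("debug", b"1")]
    for name, raw in samples:
        try:
            print(name, "accepted:", validate(name, raw))
        except ValidationError as err:
            print(name, "rejected:", err)
    print(render_comment("5 < 6 & 'quoted'"))
```

Validation happens on the raw bytes before any other processing, and encoding happens at the point of output, so a value that passes the allow-list is still escaped when it is displayed.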