This vulnerability occurs when an application receives external data but fails to properly neutralize all instances of potentially dangerous characters or code patterns before passing that data to another system component.
Incomplete filtering happens when a security check is only partially applied. For example, a developer might write a filter that removes a single instance of a special character like a quote (`'`) or a script tag (`<script>`), but an attacker can bypass this by injecting multiple instances. The system removes the first one, leaving the subsequent ones active and dangerous, allowing the attack to succeed. This flaw often stems from two common mistakes: either the filter only targets the first occurrence of a dangerous element when an input contains several, or it misses certain variants or contexts where those elements can appear. Effective security requires that all instances of a controlled element are identified and neutralized, regardless of how many times they occur or in what format they are presented.
Impact: Unexpected State
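The first-occurrence mistake described above, next to a version that neutralizes every instance, with a check that reports what survives each filter. This is an added example, not code from the original page: the function names and sample strings are constructed for illustration, and HTML output is an assumed destination (other destinations need their own encoding or a parameterized API).

```python
import html

# Special elements named in the description: a quote and a script tag.
SPECIAL = ("'", "<script>")

# Constructed sample inputs, each containing a special element twice.
SAMPLES = (
    "it's Bob's",
    "<script>a</script><script>b</script>",
)


def filter_first_only(value):
    """Flawed filter: removes only the first occurrence of each element."""
    for element in SPECIAL:
        value = value.replace(element, "", 1)  # count=1 is the defect
    return value


def neutralize_all(value):
    """Escape every occurrence rather than deleting one.

    html.escape(quote=True) rewrites &, <, > and both quote characters
    wherever they appear, so the number of instances does not matter.
    """
    return html.escape(value, quote=True)


def residual_elements(value):
    """Return the special elements still present (case-insensitive)."""
    lowered = value.lower()
    return [element for element in SPECIAL if element in lowered]


def audit(filter_fn):
    """Run a filter over every sample and map each sample to what survived."""
    return {sample: residual_elements(filter_fn(sample)) for sample in SAMPLES}


if __name__ == "__main__":
    for name, fn in (("first-only", filter_first_only), ("escape-all", neutralize_all)):
        for sample, left in audit(fn).items():
            print(f"{name:10} {sample!r:45} residual={left}")
```

A check like `residual_elements` belongs in the filter's unit tests, run against inputs that repeat each special element.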