Scenario #1 - This category shows a JNDI injection issue.
I don't believe a JNDI injection is a good example of a "security misconfiguration" issue. Sure, sometimes there might be an unnecessary JNDI feature within some specific functionality, and it's really better to turn it off. However, in many other cases, the JNDI functionality is required, and cannot be simply removed. In this case, the best mitigation should follow the line of "Input Sanitization", Usage of "Parameterized Queries", and so on.
This is a much better example for Injection use cases (which is partially described in API10:2023 - Unsafe Consumption of APIs).