[Owasp-appsensor-project] Additional Detection Points - Violation of Implemented Black Lists

Colin Watson colin.watson at owasp.org
Wed Jun 9 10:16:02 EDT 2010


Suggestion to add a new detection point.  Has this already been ruled
out?  Should it be added?  Is the description/categorization suitable?

Source
-----------------------------------
Item 4 in
[Owasp-appsensor-project] AppSensor- a few ideas, Fri Sep 18 10:30:31 EDT 2009
https://lists.owasp.org/pipermail/owasp-appsensor-project/2009-September/000005.html

Description
-----------------------------------
The application receives user-supplied data that violates an
established black list validation (e.g. URL in comment filed that is
found in Google Safe Browsing Database).

Suggested categorization
-----------------------------------
IE3 Violation of Implemented Black Lists


More information about the Owasp-appsensor-project mailing list