Struts: Unused Validation Form
Weakness ID: 107 (Weakness Variant)Status: Draft
+ Description

Description Summary

An unused validation form indicates that validation logic is not up-to-date.

Extended Description

It is easy for developers to forget to update validation logic when they remove or rename action form mappings. One indication that validation logic is not being properly maintained is the presence of an unused validation form.

+ Time of Introduction
  • Implementation
  • Operation
+ Applicable Platforms

Languages

Java

+ Potential Mitigations

Remove the unused Validation Form from the validation.xml file.

+ Weakness Ordinalities
OrdinalityDescription
Resultant
(where the weakness is typically related to the presence of some other weaknesses)
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness ClassWeakness Class20Improper Input Validation
Seven Pernicious Kingdoms (primary)700
ChildOfCategoryCategory101Struts Validation Problems
Development Concepts (primary)699
ChildOfWeakness ClassWeakness Class398Indicator of Poor Code Quality
Research Concepts (primary)1000
+ Causal Nature

Explicit

+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
7 Pernicious KingdomsStruts: Unused Validation Form
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
7 Pernicious KingdomsExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Potential Mitigations, Time of Introduction
2008-09-08CWE Content TeamMITREInternal
updated Description, Relationships, Taxonomy Mappings, Weakness Ordinalities
Back to top