Overview

The Insecure Processing of Data category contains several vulnerability classes:

• Cross-site scripting (XSS) (CWE-79)
• Deserialization (CWE-502)
• Server-Side Request Forgery (SSRF) (CWE-918)
• LDAP Injection (CWE-90)
• XML External Entity (XXE) Injection (CWE-611)
• XPATH Injection (CWE-643)
• Buffer Overflow (CWE-787)
• Format String (CWE-134)
• Integer Overflow (CWE-190)
• Denial-of-Service (CWE-400)
• Data Amplification (CWE-409)