CWE 830 Inclusion of Web Functionality from an Untrusted Source

The product includes web functionality (such as a web widget) from another domain, which causes it to operate within the domain of the product, potentially granting total access and control of the product to the untrusted source.

Created: 2010-12-08 Updated: 2023-06-29 Source: https://cwe.mitre.org/data/definitions/830.html

Vulnerabilities related to CWE-830

Related CAPEC definitions

No related CAPEC definitions found

Please note that CWE definitions are provided as a quick reference only. Visit http://cwe.mitre.org/ for a complete list of CWE entries and for more details.

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

CWE-830 : Inclusion of Web Functionality from an Untrusted Source

Related CAPEC definitions