F096. Insecure deserialization

Description

The system deserializes objects without first validating their content nor casting them to a specific type.

Rules

  1. R173. Discard unsafe inputs

  2. R321. Avoid deserializing untrusted data

OWASP logo

Corporate member of The OWASP Foundation

Clutch Review

Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy