db66f80f07
Implementation ticket: [SONARSEC-3702](https://sonarsource.atlassian.net/browse/SONARSEC-3702) Specification ticket: [APPSEC-541](https://sonarsource.atlassian.net/browse/APPSEC-541)
7 lines
311 B
Plaintext
7 lines
311 B
Plaintext
Environment variable tampering occurs in a web application when it retrieves
|
|
data like parameters or headers from an incoming HTTP request and uses it to define
|
|
the variables.
|
|
|
|
Depending on the controlled variable, an attacker could
|
|
man-in-the-middle network requests or, in rare cases, achieve code execution.
|