ASVS Requirement 1.3.8

• Level: 2
• Chapter: V1 Encoding and Sanitization
• Section: V1.3 Sanitization
• Source: 0x10-V1-Encoding-and-Sanitization.md

Description

Verify that the application appropriately sanitizes untrusted input before use in Java Naming and Directory Interface (JNDI) queries and that JNDI is configured securely to prevent JNDI injection attacks.