Matches in DBpedia 2016-04 for { <http://wikidata.dbpedia.org/resource/Q6784017> ?p ?o }
Showing triples 1 to 21 of
21
with 100 triples per page.
- Q6784017 subject Q7583565.
- Q6784017 abstract "Mass assignment is a computer vulnerability where an active record pattern in a web application is abused to modify data items that the user should not normally be allowed to access such as password, granted permissions, or administrator status.Many web application frameworks offer an active record and object-relational mapping features, where external data in serialization formats is automatically converted on input into internal objects and, in turn, into database record fields. If the framework's interface for that conversion is too permissive and application designer doesn't mark specific fields as immutable, it's possible to overwrite fields that were never intended to be modified from outside (e.g. admin permissions flag).These vulnerabilities were found in applications written in Ruby on Rails, ASP.NET MVC, Java Play framework, LaravelIn 2012 mass assignment on Ruby on Rails allowed bypassing of mapping restrictions and resulted in proof of concept injection of unauthorized SSH public keys into user accounts at GitHub. Further vulnerabilities in Ruby on Rails allowed creation of internal objects through a specially crafted JSON structure.".
- Q6784017 wikiPageWikiLink Q1127410.
- Q6784017 wikiPageWikiLink Q1201019.
- Q6784017 wikiPageWikiLink Q1330336.
- Q6784017 wikiPageWikiLink Q13634357.
- Q6784017 wikiPageWikiLink Q170460.
- Q6784017 wikiPageWikiLink Q1713118.
- Q6784017 wikiPageWikiLink Q189210.
- Q6784017 wikiPageWikiLink Q190478.
- Q6784017 wikiPageWikiLink Q2063.
- Q6784017 wikiPageWikiLink Q216601.
- Q6784017 wikiPageWikiLink Q3392101.
- Q6784017 wikiPageWikiLink Q344181.
- Q6784017 wikiPageWikiLink Q364.
- Q6784017 wikiPageWikiLink Q581643.
- Q6784017 wikiPageWikiLink Q58748.
- Q6784017 wikiPageWikiLink Q631425.
- Q6784017 wikiPageWikiLink Q7583565.
- Q6784017 comment "Mass assignment is a computer vulnerability where an active record pattern in a web application is abused to modify data items that the user should not normally be allowed to access such as password, granted permissions, or administrator status.Many web application frameworks offer an active record and object-relational mapping features, where external data in serialization formats is automatically converted on input into internal objects and, in turn, into database record fields.".
- Q6784017 label "Mass assignment vulnerability".