1.5.2 TODO
Verify that serialization is not used when communicating with untrusted clients. If this is not possible, ensure that adequate integrity controls (and possibly encryption if sensitive data is sent) are enforced to prevent deserialization attacks including object injection.
| Level 1 | |
| Level 2 | X |
| Level 3 | X |
| CWE | NIST |
|---|---|
| 502 | |
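
The integrity control described in this requirement can be sketched as follows. This is an added example, not part of the original requirement text: it serializes to a data-only format (JSON) and checks an HMAC-SHA256 tag before any byte is parsed. The key value and the function names `seal`, `unseal` and `is_accepted` are assumptions made for illustration; the sketch covers integrity only, not the encryption the requirement mentions for sensitive data.

```python
import base64
import hashlib
import hmac
import json

# Assumption: in a real service this key comes from a secret store.
# The value below is constructed for the example.
SECRET_KEY = b"constructed-demo-key-not-for-production"
TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA256 tag


def seal(obj) -> str:
    """Serialize to JSON (data only, no object types) and prepend an HMAC tag."""
    body = json.dumps(obj, separators=(",", ":"), sort_keys=True).encode()
    tag = hmac.new(SECRET_KEY, body, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(tag + body).decode()


def unseal(token: str):
    """Verify the tag first; only bytes that pass the check reach the parser."""
    try:
        raw = base64.urlsafe_b64decode(token.encode())
    except ValueError:  # binascii.Error is a subclass of ValueError
        raise ValueError("malformed token")
    if len(raw) <= TAG_LEN:
        raise ValueError("malformed token")
    tag, body = raw[:TAG_LEN], raw[TAG_LEN:]
    expected = hmac.new(SECRET_KEY, body, hashlib.sha256).digest()
    # Constant-time comparison avoids leaking how many tag bytes matched.
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed")
    return json.loads(body)


def is_accepted(token: str) -> bool:
    """True only when the token is well formed and its tag verifies."""
    try:
        unseal(token)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    token = seal({"user": "alice", "role": "viewer"})  # constructed sample
    print(unseal(token))
```

The same ordering applies when a native serialization format cannot be avoided: the tag is verified over the raw bytes before they are handed to the deserializer.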