Threat P.A.HuDSrXSS.6

URI: P.A.HuDSrXSS.6

Description: Service Service disabled to prevent XSS attack on Client via its input Data: if service Service is disabled to prevent XSS attacks using malicious content injected via locally stored inpuut Data, this will make the service unavailable.

Threat Type: Primary Threat

Matching Pattern:

MP-HuDSrXSS

Finds human using a web browser that uses a service with a host and host manager, where the browser also uses locally stored data not entered nor updated by the user, plus optionally the service manager.

(empty)

SC.A.CCCmSCS.0

Client Client cannot access unavailable service Service: loss of availability in the service Service makes the connection from Client unavailable on all channels.

CSG-SuspendServiceVulnerableToXSS-Trigger

LossOfAvailability at Role_Service

(empty)

Threat P.A.HuDSrXSS.6

MP-HuDSrXSS

Triggered by Threat (0)

Triggers Secondary Threats (1)

SC.A.CCCmSCS.0

Triggered By Control Strategy (1)

Misbehaviour Sets (1)

Control Strategies (0)