Apex : Using an insecure method

Classification

CWE

CWE-676

CWE/SANS Top 25 2011

CWE-676

Overview

The application call usafe method Configuration.disableTriggerCRUDSecurity(). Disabling CRUD security opens the door to attacks and requires manual validation.

References

CWE-676: Use of Potentially Dangerous Function

LOW

Apex : Using an insecure method

Classification

Overview

References

DerScanner Severity Score

Do you want to fix Apex : Using an insecure method in your application?

See also

Apex : Null salt

Apex : Empty encryption key

Apex : Hardcoded salt