Escape Sequence Injection
Variants:
Direct Persistent Session
Vector Type:
Attack
Relevance:
Technology Version Specific
Layer:
Application-Level
Platforms:
Any
Target Type:
Application
Affected Mechanisms:
Input Validation, Terminal Emulator
Invented In:
24/02/2003
Added In:
08/12/2014
Vector Operation Method:
Malicious inputs can inject escape sequences to application logs making it possible for dangerous control characters to be executed on administrative users terminals
