Home >> Taxonomy >> Asvs 4.0.3 >> 12 files and resources >> 04 file storage

File Storage

V12.4.1

Verify that files obtained from untrusted sources are stored outside the web root, with limited permissions.

Level 1 required: True

Level 2 required: True

Level 3 required: True

CWE: 552

V12.4.2

Verify that files obtained from untrusted sources are scanned by antivirus scanners to prevent upload and serving of known malicious content.

Level 1 required: True

Level 2 required: True

Level 3 required: True

CWE: 509

Disclaimer:

Credit via OWASP ASVS. For more information visit The OWASP ASVS Project or Github respository.. OWASP ASVS is under the Creative Commons Attribution-Share Alike v3.0 license.

View source on GitHub

Loading comments 0%