#1087 restore and modify 12.4.1 - file execution as program code with…

… direct http request
OWASP · Sep 23, 2024 · 4d3137c · 4d3137c
1 parent 524c6cf
commit 4d3137c
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/5.0/en/0x20-V12-Files-Resources.md b/5.0/en/0x20-V12-Files-Resources.md
@@ -41,7 +41,7 @@ Although zip bombs can be effectively tested using penetration testing technique
 
 | # | Description | L1 | L2 | L3 | CWE |
 | :---: | :--- | :---: | :---: | :---: | :---: |
-| **12.4.1** | [DELETED, DUPLICATE OF 4.1.3] | | | | |
+| **12.4.1** | [MODIFIED] Verify that files uploaded or generated by untrusted input which are stored in a public folder are not executable as server-side program code when accessed directly by an end user. | ✓ | ✓ | ✓ | 552 |
 | **12.4.2** | Verify that files obtained from untrusted sources are scanned by antivirus scanners to prevent upload and serving of known malicious content. | ✓ | ✓ | ✓ | 509 |
 
 ## V12.5 File Download