Schema is empty

Description

The schema is empty. This means that your API accepts any JSON values.

For more details, see the OpenAPI Specification.

Example

The following is an example of how this type of risk could look in your API definition. The method POST accepts a JSON payload in the body but does not specify the schema of the payload:

"post": {
  "description": "Creates a new pet in the store",
  "operationId": "addPet",
  "parameters": [
    {
      "name": "pet",
      "in": "body",
      "description": "pet to add to the system",
      "required": true,
      "schema": {    }
    }
  ]
}

Possible exploit scenario

If do not clearly define the schema and properties of a JSON payload empty, you effectively allow attackers to pass in any data. This means that you are opening your backend to various attacks, such as SQL injection.

This also lets attackers to try various unexpected inputs. Unexpected inputs may cause the backend server to crash or behave in an unexpected way. This in turn may cause the server to potentially leak stack trace that can be used for further attacks, or even data.

Remediation

Make sure you define schemas for all JSON payloads. Here, a specific JSON object NewPet is defined in #/definitions and referenced as the schema for the API method:

"post": {
  "description": "Creates a new pet in the store",
  "operationId": "addPet",
  "parameters": [
    {
      "name": "pet",
      "in": "body",
      "description": "pet to add to the system",
      "required": true,
      "schema": {
        "$ref": "#/definitions/NewPet"
      }
    }
  ]
}
...
  "NewPet": {
    "type": "object",
    "required": [
      "name"
    ],
    "properties": {
      "name": {
        "type": "string"
      },
      "tag": {
        "type": "string"
      }
    }
  }
}