CWE-994, SFP25 falls under the category of Tainted Input to Variable and is used to classify Software Fault Patterns (SFPs).
SFP25 falls under the cluster of Tainted Input to Variable and serves the purpose of categorizing Software Fault Patterns (SFPs).