The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
Security_Misconfiguration issue exists @ app/routes/session.js in branch master
The application takes sensitive, personal data password, found at line 189 of app\routes\session.js, and stores it in an unprotected manner, without encryption, to anony140326909var at line 117 of app\data\user-dao.js.
Security_Misconfiguration issue exists @ app/routes/session.js in branch master
The application takes sensitive, personal data password, found at line 189 of app\routes\session.js, and stores it in an unprotected manner, without encryption, to anony140326909var at line 117 of app\data\user-dao.js.
Severity: High CWE:933 Vulnerability details and guidance Internal Guidance Lines: 195
Code (Line #195):