kmcdon83
commented
5 years ago Scan submitted to Checkmarx
Closed kmcdon83 closed 5 years ago
kmcdon83
commented
5 years ago Scan submitted to Checkmarx
kmcdon83
commented
5 years ago | Severity | Count |
|---|---|
| High | 32 |
| Medium | 56 |
| Low | 328 |
| Informational | 4 |
| Severity | Count |
|---|---|
| High | 30 |
| Lines | Severity | Category | File | Link |
|---|---|---|---|---|
| 102 124 | High | Reflected_XSS_All_Clients | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/AccountResources.java | Checkmarx |
| 6 | High | Reflected_XSS_All_Clients | riches/pages/content/Security.jsp | Checkmarx |
| 101 102 104 105 106 107 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/TransactionResources.java | Checkmarx |
| 20 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/Messages.java | Checkmarx |
| 18 25 | High | Command_Injection | riches/pages/content/oper/Newsletter.jsp | Checkmarx |
| 11 | High | Reflected_XSS_All_Clients | riches/login/error.jsp | Checkmarx |
| 18 74 | High | Command_Injection | riches/pages/common/hidden_AdminControl.jsp | Checkmarx |
| 11 | High | Stored_XSS | riches/pages/Backup.jsp | Checkmarx |
| 84 63 | High | Reflected_XSS_All_Clients | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/TransactionResources.java | Checkmarx |
| 82 102 141 62 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/AccountResources.java | Checkmarx |
| 83 | High | Reflected_XSS_All_Clients | riches/login/login.jsp | Checkmarx |
| 19 20 21 24 | High | Reflected_XSS_All_Clients | riches/pages/career_details_error.jsp | Checkmarx |
| 9 | High | Reflected_XSS_All_Clients | riches/pages/error.jsp | Checkmarx |
| 30 | High | Command_Injection | riches/pages/content/oper/Admin.jsp | Checkmarx |
| 13 | High | Stored_XSS | riches/pages/FilesViewer.jsp | Checkmarx |
kmcdon83
commented
5 years ago Scan submitted to Checkmarx
kmcdon83
commented
5 years ago | Severity | Count |
|---|---|
| High | 32 |
| Medium | 56 |
| Low | 328 |
| Informational | 4 |
| Severity | Count |
|---|---|
| High | 30 |
| Lines | Severity | Category | File | Link |
|---|---|---|---|---|
| High | Vulnerable_Library | commons-collections:commons-collections | Checkmarx | |
| 102 124 | High | Reflected_XSS_All_Clients | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/AccountResources.java | Checkmarx |
| 6 | High | Reflected_XSS_All_Clients | riches/pages/content/Security.jsp | Checkmarx |
| High | Vulnerable_Library | commons-fileupload:commons-fileupload | Checkmarx | |
| 101 102 104 105 106 107 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/TransactionResources.java | Checkmarx |
| 20 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/Messages.java | Checkmarx |
| High | Vulnerable_Library | dom4j:dom4j | Checkmarx | |
| 18 25 | High | Command_Injection | riches/pages/content/oper/Newsletter.jsp | Checkmarx |
| High | Vulnerable_Library | com.opensymphony:xwork | Checkmarx | |
| 11 | High | Reflected_XSS_All_Clients | riches/login/error.jsp | Checkmarx |
| 18 74 | High | Command_Injection | riches/pages/common/hidden_AdminControl.jsp | Checkmarx |
| 11 | High | Stored_XSS | riches/pages/Backup.jsp | Checkmarx |
| 84 63 | High | Reflected_XSS_All_Clients | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/TransactionResources.java | Checkmarx |
| High | Vulnerable_Library | tomcat:jasper-runtime | Checkmarx | |
| 82 102 141 62 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/AccountResources.java | Checkmarx |
| High | Vulnerable_Library | struts:struts | Checkmarx | |
| 83 | High | Reflected_XSS_All_Clients | riches/login/login.jsp | Checkmarx |
| 19 20 21 24 | High | Reflected_XSS_All_Clients | riches/pages/career_details_error.jsp | Checkmarx |
| 9 | High | Reflected_XSS_All_Clients | riches/pages/error.jsp | Checkmarx |
| 30 | High | Command_Injection | riches/pages/content/oper/Admin.jsp | Checkmarx |
| High | Vulnerable_Library | taglibs:standard | Checkmarx | |
| 13 | High | Stored_XSS | riches/pages/FilesViewer.jsp | Checkmarx |
| High | Vulnerable_Library | commons-beanutils:commons-beanutils | Checkmarx |
| Library | Severity | CVE |
|---|---|---|
| commons-collections:commons-collections | High | CVE-2015-7501 |
| commons-fileupload:commons-fileupload | High | CVE-2016-1000031 CVE-2013-2186 CVE-2014-0050 |
| dom4j:dom4j | High | CVE-2018-1000632 |
| com.opensymphony:xwork | High | CVE-2015-5209 CVE-2016-4438 CVE-2013-1966 CVE-2017-9787 CVE-2016-4461 CVE-2017-9804 CVE-2018-11776 CVE-2016-0785 CVE-2013-2115 CVE-2013-1965 CVE-2012-0838 CVE-2012-0391 CVE-2014-0112 |
| tomcat:jasper-runtime | High | CVE-2016-5018 |
| struts:struts | High | CVE-2014-0114 CVE-2006-1547 CVE-2006-1546 |
| taglibs:standard | High | CVE-2015-0254 |
| commons-beanutils:commons-beanutils | High | CVE-2014-0114 |
kmcdon83
commented
5 years ago Scan submitted to Checkmarx
kmcdon83
commented
5 years ago | Severity | Count |
|---|---|
| High | 32 |
| Medium | 56 |
| Low | 328 |
| Informational | 4 |
| Severity | Count |
|---|---|
| High | 30 |
| Lines | Severity | Category | File | Link |
|---|---|---|---|---|
| High | Vulnerable_Library | commons-collections:commons-collections | Checkmarx | |
| 102 124 | High | Reflected_XSS_All_Clients | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/AccountResources.java | Checkmarx |
| 6 | High | Reflected_XSS_All_Clients | riches/pages/content/Security.jsp | Checkmarx |
| High | Vulnerable_Library | commons-fileupload:commons-fileupload | Checkmarx | |
| 101 102 104 105 106 107 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/TransactionResources.java | Checkmarx |
| 20 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/Messages.java | Checkmarx |
| High | Vulnerable_Library | dom4j:dom4j | Checkmarx | |
| 18 25 | High | Command_Injection | riches/pages/content/oper/Newsletter.jsp | Checkmarx |
| High | Vulnerable_Library | com.opensymphony:xwork | Checkmarx | |
| 11 | High | Reflected_XSS_All_Clients | riches/login/error.jsp | Checkmarx |
| 18 74 | High | Command_Injection | riches/pages/common/hidden_AdminControl.jsp | Checkmarx |
| 11 | High | Stored_XSS | riches/pages/Backup.jsp | Checkmarx |
| 84 63 | High | Reflected_XSS_All_Clients | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/TransactionResources.java | Checkmarx |
| High | Vulnerable_Library | tomcat:jasper-runtime | Checkmarx | |
| 82 102 141 62 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/AccountResources.java | Checkmarx |
| High | Vulnerable_Library | struts:struts | Checkmarx | |
| 83 | High | Reflected_XSS_All_Clients | riches/login/login.jsp | Checkmarx |
| 19 20 21 24 | High | Reflected_XSS_All_Clients | riches/pages/career_details_error.jsp | Checkmarx |
| 9 | High | Reflected_XSS_All_Clients | riches/pages/error.jsp | Checkmarx |
| 30 | High | Command_Injection | riches/pages/content/oper/Admin.jsp | Checkmarx |
| High | Vulnerable_Library | taglibs:standard | Checkmarx | |
| 13 | High | Stored_XSS | riches/pages/FilesViewer.jsp | Checkmarx |
| High | Vulnerable_Library | commons-beanutils:commons-beanutils | Checkmarx |
| Library | Severity | CVE |
|---|---|---|
| commons-collections:commons-collections | High | CVE-2015-7501 |
| commons-fileupload:commons-fileupload | High | CVE-2016-1000031 CVE-2013-2186 CVE-2014-0050 |
| dom4j:dom4j | High | CVE-2018-1000632 |
| com.opensymphony:xwork | High | CVE-2015-5209 CVE-2016-4438 CVE-2013-1966 CVE-2017-9787 CVE-2016-4461 CVE-2017-9804 CVE-2018-11776 CVE-2016-0785 CVE-2013-2115 CVE-2013-1965 CVE-2012-0838 CVE-2012-0391 CVE-2014-0112 |
| tomcat:jasper-runtime | High | CVE-2016-5018 |
| struts:struts | High | CVE-2014-0114 CVE-2006-1547 CVE-2006-1546 |
| taglibs:standard | High | CVE-2015-0254 |
| commons-beanutils:commons-beanutils | High | CVE-2014-0114 |
kmcdon83
commented
5 years ago Scan submitted to Checkmarx
kmcdon83
commented
5 years ago | Severity | Count |
|---|---|
| High | 32 |
| Medium | 56 |
| Low | 328 |
| Informational | 4 |
| Severity | Count |
|---|---|
| High | 30 |
| Lines | Severity | Category | File | Link |
|---|---|---|---|---|
| High | Vulnerable_Library | commons-collections:commons-collections | Checkmarx | |
| 102 124 | High | Reflected_XSS_All_Clients | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/AccountResources.java | Checkmarx |
| 6 | High | Reflected_XSS_All_Clients | riches/pages/content/Security.jsp | Checkmarx |
| High | Vulnerable_Library | commons-fileupload:commons-fileupload | Checkmarx | |
| 101 102 104 105 106 107 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/TransactionResources.java | Checkmarx |
| 20 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/Messages.java | Checkmarx |
| High | Vulnerable_Library | dom4j:dom4j | Checkmarx | |
| 18 25 | High | Command_Injection | riches/pages/content/oper/Newsletter.jsp | Checkmarx |
| High | Vulnerable_Library | com.opensymphony:xwork | Checkmarx | |
| 11 | High | Reflected_XSS_All_Clients | riches/login/error.jsp | Checkmarx |
| 18 74 | High | Command_Injection | riches/pages/common/hidden_AdminControl.jsp | Checkmarx |
| 11 | High | Stored_XSS | riches/pages/Backup.jsp | Checkmarx |
| 84 63 | High | Reflected_XSS_All_Clients | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/TransactionResources.java | Checkmarx |
| High | Vulnerable_Library | tomcat:jasper-runtime | Checkmarx | |
| 82 102 141 62 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/AccountResources.java | Checkmarx |
| High | Vulnerable_Library | struts:struts | Checkmarx | |
| 83 | High | Reflected_XSS_All_Clients | riches/login/login.jsp | Checkmarx |
| 19 20 21 24 | High | Reflected_XSS_All_Clients | riches/pages/career_details_error.jsp | Checkmarx |
| 9 | High | Reflected_XSS_All_Clients | riches/pages/error.jsp | Checkmarx |
| 30 | High | Command_Injection | riches/pages/content/oper/Admin.jsp | Checkmarx |
| High | Vulnerable_Library | taglibs:standard | Checkmarx | |
| 13 | High | Stored_XSS | riches/pages/FilesViewer.jsp | Checkmarx |
| High | Vulnerable_Library | commons-beanutils:commons-beanutils | Checkmarx |
| Library | Severity | CVE |
|---|---|---|
| commons-collections:commons-collections | High | CVE-2015-7501 |
| commons-fileupload:commons-fileupload | High | CVE-2016-1000031 CVE-2013-2186 CVE-2014-0050 |
| dom4j:dom4j | High | CVE-2018-1000632 |
| com.opensymphony:xwork | High | CVE-2015-5209 CVE-2016-4438 CVE-2013-1966 CVE-2017-9787 CVE-2016-4461 CVE-2017-9804 CVE-2018-11776 CVE-2016-0785 CVE-2013-2115 CVE-2013-1965 CVE-2012-0838 CVE-2012-0391 CVE-2014-0112 |
| tomcat:jasper-runtime | High | CVE-2016-5018 |
| struts:struts | High | CVE-2014-0114 CVE-2006-1547 CVE-2006-1546 |
| taglibs:standard | High | CVE-2015-0254 |
| commons-beanutils:commons-beanutils | High | CVE-2014-0114 |
kmcdon83
commented
5 years ago Scan submitted to Checkmarx
kmcdon83
commented
5 years ago | Severity | Count |
|---|---|
| High | 32 |
| Medium | 56 |
| Low | 328 |
| Informational | 4 |
| Severity | Count |
|---|---|
| High | 30 |
| Lines | Severity | Category | File | Link |
|---|---|---|---|---|
| 102 124 | High | Reflected_XSS_All_Clients | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/AccountResources.java | Checkmarx |
| 6 | High | Reflected_XSS_All_Clients | riches/pages/content/Security.jsp | Checkmarx |
| 101 102 104 105 106 107 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/TransactionResources.java | Checkmarx |
| 20 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/Messages.java | Checkmarx |
| 18 25 | High | Command_Injection | riches/pages/content/oper/Newsletter.jsp | Checkmarx |
| 11 | High | Reflected_XSS_All_Clients | riches/login/error.jsp | Checkmarx |
| 18 74 | High | Command_Injection | riches/pages/common/hidden_AdminControl.jsp | Checkmarx |
| 11 | High | Stored_XSS | riches/pages/Backup.jsp | Checkmarx |
| 84 63 | High | Reflected_XSS_All_Clients | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/TransactionResources.java | Checkmarx |
| 82 102 141 62 | High | SQL_Injection | riches/WEB-INF/src/java/com/checkmarx/samples/riches/restful/AccountResources.java | Checkmarx |
| 83 | High | Reflected_XSS_All_Clients | riches/login/login.jsp | Checkmarx |
| 19 20 21 24 | High | Reflected_XSS_All_Clients | riches/pages/career_details_error.jsp | Checkmarx |
| 9 | High | Reflected_XSS_All_Clients | riches/pages/error.jsp | Checkmarx |
| 30 | High | Command_Injection | riches/pages/content/oper/Admin.jsp | Checkmarx |
| 13 | High | Stored_XSS | riches/pages/FilesViewer.jsp | Checkmarx |
| Library | Severity | CVE |
|---|---|---|
| commons-collections:commons-collections | High | CVE-2015-7501 |
| commons-fileupload:commons-fileupload | High | CVE-2016-1000031 CVE-2013-2186 CVE-2014-0050 |
| dom4j:dom4j | High | CVE-2018-1000632 |
| com.opensymphony:xwork | High | CVE-2015-5209 CVE-2016-4438 CVE-2013-1966 CVE-2017-9787 CVE-2016-4461 CVE-2017-9804 CVE-2018-11776 CVE-2016-0785 CVE-2013-2115 CVE-2013-1965 CVE-2012-0838 CVE-2012-0391 CVE-2014-0112 |
| tomcat:jasper-runtime | High | CVE-2016-5018 |
| struts:struts | High | CVE-2014-0114 CVE-2006-1547 CVE-2006-1546 |
| taglibs:standard | High | CVE-2015-0254 |
| commons-beanutils:commons-beanutils | High | CVE-2014-0114 |
Scan submitted to Checkmarx