Open tsunez opened 4 years ago
Frameable_Login_Page issue exists @ core/authhandler.js in branch master
The web-application does not properly utilize the "X-FRAME-OPTIONS" header to restrict embedding web-pages inside of a frame.
Severity: Medium
CWE:829
Vulnerability details and guidance
Checkmarx
Recommended Fix
Lines: 19 5 69 41 13
Code (Line #19):
module.exports.forgotPw = function (req, res) {
Code (Line #5):
module.exports.isAuthenticated = function (req, res, next) {
Code (Line #69):
module.exports.resetPwSubmit = function (req, res) {
Code (Line #41):
module.exports.resetPw = function (req, res) {
Code (Line #13):
module.exports.isNotAuthenticated = function (req, res, next) {
Issue still exists.
Issue has 5 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
Frameable_Login_Page issue exists @ core/authhandler.js in branch master
The web-application does not properly utilize the "X-FRAME-OPTIONS" header to restrict embedding web-pages inside of a frame.
Severity: Medium
CWE:829
Vulnerability details and guidance
Checkmarx
Recommended Fix
Lines: 19 5 69 41 13
Code (Line #19):
Code (Line #5):
Code (Line #69):
Code (Line #41):
Code (Line #13):