Open tsunez opened 3 years ago
Frameable_Login_Page issue exists @ core/apphandler.js in branch master
The web-application does not properly utilize the "X-FRAME-OPTIONS" header to restrict embedding web-pages inside of a frame.
Severity: Medium
CWE:829
Vulnerability details and guidance
Checkmarx
Recommended Fix
Lines: 194 38 103 136 9 233 76 206 47 144 215 58 186
Code (Line #194):
module.exports.calc = function (req, res) {
Code (Line #38):
module.exports.ping = function (req, res) {
Code (Line #103):
module.exports.modifyProductSubmit = function (req, res) {
Code (Line #136):
module.exports.userEdit = function (req, res) {
Code (Line #9):
module.exports.userSearch = function (req, res) {
Code (Line #233):
module.exports.bulkProducts = function(req, res) {
Code (Line #76):
module.exports.modifyProduct = function (req, res) {
Code (Line #206):
module.exports.listUsersAPI = function (req, res) {
Code (Line #47):
module.exports.listProducts = function (req, res) {
Code (Line #144):
module.exports.userEditSubmit = function (req, res) {
Code (Line #215):
module.exports.bulkProductsLegacy = function (req,res){
Code (Line #58):
module.exports.productSearch = function (req, res) {
Code (Line #186):
module.exports.redirect = function (req, res) {
Issue still exists.
Issue has 13 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
Frameable_Login_Page issue exists @ core/apphandler.js in branch master
The web-application does not properly utilize the "X-FRAME-OPTIONS" header to restrict embedding web-pages inside of a frame.
Severity: Medium
CWE:829
Vulnerability details and guidance
Checkmarx
Recommended Fix
Lines: 194 38 103 136 9 233 76 206 47 144 215 58 186
Code (Line #194):
Code (Line #38):
Code (Line #103):
Code (Line #136):
Code (Line #9):
Code (Line #233):
Code (Line #76):
Code (Line #206):
Code (Line #47):
Code (Line #144):
Code (Line #215):
Code (Line #58):
Code (Line #186):