Custodela / iGoat-Swift

OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS
https://igoatapp.com/
GNU General Public License v3.0

CX Log_Forging @ iGoat-Swift/iGoat-Swift/Source/Exercises/SideChannelDataLeaks/DeviceLogs/DeviceLogsExerciseVC.swift [master] #47

Open tsunez opened 4 years ago

tsunez commented 4 years ago

Log_Forging issue exists @ iGoat-Swift/iGoat-Swift/Source/Exercises/SideChannelDataLeaks/DeviceLogs/DeviceLogsExerciseVC.swift in branch master

Method submitItemPressed at line 8 of iGoat-Swift\iGoat-Swift\Source\Exercises\SideChannelDataLeaks\DeviceLogs\DeviceLogsExerciseVC.swift gets user input from element text. This element’s value flows through the code without being properly sanitized or validated, and is eventually used in writing an audit log in submitItemPressed at line 8 of iGoat-Swift\iGoat-Swift\Source\Exercises\SideChannelDataLeaks\DeviceLogs\DeviceLogsExerciseVC.swift.

Severity: Low

CWE:117

Vulnerability details and guidance

Checkmarx

Recommended Fix

Lines: 9, 10, 11


Code (Line #9):

        NSLog("ccNo: %@", ccNoTextField.text ?? "")

Code (Line #10):

        NSLog("cvvNo: %@", cvvTextField.text ?? "")

Code (Line #11):

        NSLog("pinNo: %@", pinTextField.text ?? "")

tsunez commented 4 years ago

Issue still exists.

SUMMARY

Issue has 3 vulnerabilities left to be fixed (please scroll to the top for more information).

tsunez commented 4 years ago

Issue still exists.

SUMMARY

Issue has 3 vulnerabilities left to be fixed (please scroll to the top for more information).