CX Use_Of_Broken_Or_Risky_Cryptographic_Algorithm @ dvcsharp-api-master/Controllers/PasswordResetsController.cs [master]

Prevelate commented 3 years ago

Use_Of_Broken_Or_Risky_Cryptographic_Algorithm issue exists @ dvcsharp-api-master/Controllers/PasswordResetsController.cs in branch master

In Post, the application protects sensitive data using a cryptographic algorithm, ComputeHash, that is considered weak or even trivially broken, in dvcsharp-api-master\Controllers\PasswordResetsController.cs at line 63.

Severity: Low

CWE:327

Vulnerability details and guidance

Checkmarx

Lines: 80

Code (Line #80):

         var hash = md5.ComputeHash(System.Text.Encoding.ASCII.GetBytes(passwordResetRequest.email));

Prevelate commented 3 years ago

Issue still exists.

Prevelate commented 3 years ago

Issue still exists.

Prevelate commented 3 years ago

Issue still exists.

Prevelate / dotnet

CX Use_Of_Broken_Or_Risky_Cryptographic_Algorithm @ dvcsharp-api-master/Controllers/PasswordResetsController.cs [master] #5