RahulVadisetty91 / RestService

Spring boot sample rest service

FlawID 425 | Severity 5 | Code Injection #9

Open RahulVadisetty91 opened 3 years ago

RahulVadisetty91 commented 3 years ago

Module

JS files within cpaustatic.tar

File Path

/htdocs/cpanzp/js/manipulation.js

Line

542

Description

This call to jQuery.globalEval() contains untrusted input or potentially untrusted data. If this input could be modified by an attacker, arbitrary JS code could be executed. Validate all untrusted input to ensure that it conforms to the expected format, using centralized data validation routines when possible. In general, avoid executing code derived from untrusted input. References: CWE