CX Client_DOM_XSS @ root/advanced.jsp [master]

[abhishekd07]

Client_DOM_XSS issue exists @ root/advanced.jsp in branch master

The application's Search</a> embeds untrusted data in the generated output with location, at line 48 of root\advanced.jsp. This untrusted data is embedded straight into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the output.

Severity: High

CWE:79

Checkmarx

Lines: 48

---

Code (Line #48):

    <a href="javascript:window.location=window.location.href">New Search</a>

---

[abhishekd07]

Issue still exists.

SUMMARY

Issue has total 1 vulnerabilities left to be fix (Please scroll to the top for more information)

[abhishekd07]

Issue still exists.

SUMMARY

Issue has total 1 vulnerabilities left to be fix (Please scroll to the top for more information)

[abhishekd07]

Issue still exists.

SUMMARY

Issue has total 1 vulnerabilities left to be fix (Please scroll to the top for more information)

[abhishekd07]

Issue still exists.

SUMMARY

Issue has total 1 vulnerabilities left to be fix (Please scroll to the top for more information)

[abhishekd07]

Issue still exists.

SUMMARY

Issue has total 1 vulnerabilities left to be fix (Please scroll to the top for more information)

[abhishekd07]

Issue still exists.

SUMMARY

Issue has total 1 vulnerabilities left to be fix (Please scroll to the top for more information)

[abhishekd07]

Issue still exists.

SUMMARY

Issue has total 1 vulnerabilities left to be fix (Please scroll to the top for more information)

[abhishekd07]

Issue still exists.

SUMMARY

Issue has total 1 vulnerabilities left to be fix (Please scroll to the top for more information)

[abhishekd07]

Issue still exists.

SUMMARY

Issue has total 1 vulnerabilities left to be fix (Please scroll to the top for more information)

[abhishekd07]

Issue still exists.

SUMMARY

Issue has total 1 vulnerabilities left to be fix (Please scroll to the top for more information)