Closed by cx-scord 3 years ago
Checkmarx SAST - Scan Summary & Details
Total of 224 vulnerabilities
Severity | Count |
---|---|
High | 83 |
Medium | 141 |
Low | 0 |
Informational | 0 |
Flagged lines listed in the details table: 28 High, 73 Medium
Lines | Severity | Category | File | Link |
---|---|---|---|---|
38 43 155 167 219 | Medium | XSRF | root/basket.jsp | Checkmarx |
10 | Medium | XSRF | root/password.jsp | Checkmarx |
8 35 40 | Medium | XSRF | root/login.jsp | Checkmarx |
7 46 51 | Medium | XSRF | root/register.jsp | Checkmarx |
24 | Medium | Use_of_Insufficiently_Random_Values | root/home.jsp | Checkmarx |
8 12 20 30 41 49 | Medium | Use_of_Insufficiently_Random_Values | root/init.jsp | Checkmarx |
54 | Medium | Use_of_Insufficiently_Random_Values | root/contact.jsp | Checkmarx |
42 47 | Medium | Use_of_Hard_coded_Cryptographic_Key | src/com/thebodgeitstore/search/AdvancedSearch.java | Checkmarx |
50 | Medium | Use_of_Hard_coded_Cryptographic_Key | src/com/thebodgeitstore/util/AES.java | Checkmarx |
24 | Medium | Use_of_Cryptographically_Weak_PRNG | root/home.jsp | Checkmarx |
54 | Medium | Use_of_Cryptographically_Weak_PRNG | root/contact.jsp | Checkmarx |
8 12 20 30 41 49 | Medium | Use_of_Cryptographically_Weak_PRNG | root/init.jsp | Checkmarx |
8 | Medium | Trust_Boundary_Violation | root/login.jsp | Checkmarx |
3 4 5 | Medium | Session_Fixation | root/logout.jsp | Checkmarx |
34 35 36 | Medium | Session_Fixation | root/register.jsp | Checkmarx |
22 23 24 | Medium | Session_Fixation | root/login.jsp | Checkmarx |
48 | Medium | Session_Fixation | src/com/thebodgeitstore/search/AdvancedSearch.java | Checkmarx |
1 | Medium | Missing_HSTS_Header | root/about.jsp | Checkmarx |
1 | Medium | HttpOnlyCookies_In_Config | build/WEB-INF/web.xml | Checkmarx |
1 | Medium | HttpOnlyCookies_In_Config | root/WEB-INF/web.xml | Checkmarx |
46 49 | Medium | HttpOnlyCookies | root/register.jsp | Checkmarx |
35 38 | Medium | HttpOnlyCookies | root/login.jsp | Checkmarx |
38 41 | Medium | HttpOnlyCookies | root/basket.jsp | Checkmarx |
8 | Medium | Heap_Inspection | root/login.jsp | Checkmarx |
103 | Medium | Heap_Inspection | src/com/thebodgeitstore/util/AES.java | Checkmarx |
10 11 | Medium | Heap_Inspection | root/password.jsp | Checkmarx |
8 | Medium | Heap_Inspection | root/init.jsp | Checkmarx |
7 8 | Medium | Heap_Inspection | root/register.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/admin.jsp | Checkmarx |
89 | Medium | Hardcoded_password_in_Connection_String | root/header.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/register.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/product.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/contact.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/basket.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/advanced.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/home.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/score.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/dbconnection.jspf | Checkmarx |
67 | Medium | Hardcoded_password_in_Connection_String | root/init.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/login.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/password.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/search.jsp | Checkmarx |
28 | Medium | Client_Use_Of_JQuery_Outdated_Version | root/advanced.jsp | Checkmarx |
25 | High | Stored_XSS | root/home.jsp | Checkmarx |
16 28 | High | Stored_XSS | root/admin.jsp | Checkmarx |
42 59 | High | Stored_XSS | root/product.jsp | Checkmarx |
249 | High | Stored_XSS | root/basket.jsp | Checkmarx |
34 | High | Stored_XSS | root/search.jsp | Checkmarx |
15 | High | Stored_XSS | root/login.jsp | Checkmarx |
14 | High | Stored_XSS | root/score.jsp | Checkmarx |
91 | High | Stored_XSS | root/header.jsp | Checkmarx |
63 | High | Stored_XSS | root/contact.jsp | Checkmarx |
15 | High | Second_Order_SQL_Injection | root/login.jsp | Checkmarx |
8 35 40 | High | SQL_Injection | root/login.jsp | Checkmarx |
10 | High | SQL_Injection | root/password.jsp | Checkmarx |
38 43 155 219 | High | SQL_Injection | root/basket.jsp | Checkmarx |
7 46 51 | High | SQL_Injection | root/register.jsp | Checkmarx |
38 | High | Reflected_XSS_All_Clients | root/basket.jsp | Checkmarx |
10 | High | Reflected_XSS_All_Clients | root/search.jsp | Checkmarx |
35 | High | Reflected_XSS_All_Clients | root/login.jsp | Checkmarx |
46 | High | Reflected_XSS_All_Clients | root/register.jsp | Checkmarx |
11 | High | Reflected_XSS_All_Clients | root/contact.jsp | Checkmarx |
Scan submitted to Checkmarx