cx-scord / CxFlowGithub

CxFlow Demo

Branch test2 #139

Closed cx-scord closed 3 years ago

cx-scord commented 3 years ago

Scan submitted to Checkmarx

cx-scord commented 3 years ago

Checkmarx SAST - Scan Summary & Details

Cx-SAST Summary

Total of 179 vulnerabilities
High: 83
Medium: 89
Low: 7
Info: 0

Violation Summary

High: 28
Low: 7
Medium: 41
View more details on Checkmarx UI

Cx-SAST Details

| Lines | Severity | Category | File | Link |
|---|---|---|---|---|
| 38, 43, 157, 169, 221 | Medium | XSRF_via_Service | root/basket.jsp | Checkmarx |
| 8, 35, 40 | Medium | XSRF_via_Service | root/login.jsp | Checkmarx |
| 10 | Medium | XSRF_via_Service | root/password.jsp | Checkmarx |
| 7, 46, 51 | Medium | XSRF_via_Service | root/register.jsp | Checkmarx |
| 221 | Medium | Unchecked_Input_for_Loop_Condition_via_Service | root/basket.jsp | Checkmarx |
| 8 | Medium | Trust_Boundary_Violation | root/login.jsp | Checkmarx |
| 34, 35, 36 | Medium | Session_Fixation | root/register.jsp | Checkmarx |
| 3, 4, 5 | Medium | Session_Fixation | root/logout.jsp | Checkmarx |
| 22, 23, 24 | Medium | Session_Fixation | root/login.jsp | Checkmarx |
| 48 | Medium | Session_Fixation | src/com/thebodgeitstore/search/AdvancedSearch.java | Checkmarx |
| 1 | Medium | Missing_HSTS_Header | root/about.jsp | Checkmarx |
| 1 | Medium | HttpOnlyCookies_In_Config | build/WEB-INF/web.xml | Checkmarx |
| 1 | Medium | HttpOnlyCookies_In_Config | root/WEB-INF/web.xml | Checkmarx |
| 10 | Medium | Hardcoded_password_in_Connection_String | root/dbconnection.jspf | Checkmarx |
| 10 | Medium | Hardcoded_password_in_Connection_String | root/admin.jsp | Checkmarx |
| 10 | Medium | Hardcoded_password_in_Connection_String | root/basket.jsp | Checkmarx |
| 10 | Medium | Hardcoded_password_in_Connection_String | root/search.jsp | Checkmarx |
| 10 | Medium | Hardcoded_password_in_Connection_String | root/product.jsp | Checkmarx |
| 10 | Medium | Hardcoded_password_in_Connection_String | root/register.jsp | Checkmarx |
| 67 | Medium | Hardcoded_password_in_Connection_String | root/init.jsp | Checkmarx |
| 10 | Medium | Hardcoded_password_in_Connection_String | root/login.jsp | Checkmarx |
| 10 | Medium | Hardcoded_password_in_Connection_String | root/advanced.jsp | Checkmarx |
| 10 | Medium | Hardcoded_password_in_Connection_String | root/password.jsp | Checkmarx |
| 10 | Medium | Hardcoded_password_in_Connection_String | root/score.jsp | Checkmarx |
| 89 | Medium | Hardcoded_password_in_Connection_String | root/header.jsp | Checkmarx |
| 10 | Medium | Hardcoded_password_in_Connection_String | root/home.jsp | Checkmarx |
| 10 | Medium | Hardcoded_password_in_Connection_String | root/contact.jsp | Checkmarx |
| 103 | Low | Heap_Inspection | src/com/thebodgeitstore/util/AES.java | Checkmarx |
| 8 | Low | Heap_Inspection | root/login.jsp | Checkmarx |
| 10, 11 | Low | Heap_Inspection | root/password.jsp | Checkmarx |
| 7, 8 | Low | Heap_Inspection | root/register.jsp | Checkmarx |
| 8 | Low | Heap_Inspection | root/init.jsp | Checkmarx |
| 25 | High | Stored_XSS | root/home.jsp | Checkmarx |
| 91 | High | Stored_XSS | root/header.jsp | Checkmarx |
| 63 | High | Stored_XSS | root/contact.jsp | Checkmarx |
| 16 | High | Stored_XSS | root/admin.jsp | Checkmarx |
| 34 | High | Stored_XSS | root/search.jsp | Checkmarx |
| 15 | High | Stored_XSS | root/login.jsp | Checkmarx |
| 42, 59 | High | Stored_XSS | root/product.jsp | Checkmarx |
| 14 | High | Stored_XSS | root/score.jsp | Checkmarx |
| 251 | High | Stored_XSS | root/basket.jsp | Checkmarx |
| 15 | High | Second_Order_SQL_Injection | root/login.jsp | Checkmarx |
| 8, 35, 40 | High | SQL_Injection_via_Service | root/login.jsp | Checkmarx |
| 10 | High | SQL_Injection_via_Service | root/password.jsp | Checkmarx |
| 38, 43, 157, 221 | High | SQL_Injection_via_Service | root/basket.jsp | Checkmarx |
| 7, 46, 51 | High | SQL_Injection_via_Service | root/register.jsp | Checkmarx |
| 11 | High | Reflected_XSS_All_Clients | root/contact.jsp | Checkmarx |
| 35 | High | Reflected_XSS_All_Clients | root/login.jsp | Checkmarx |
| 46 | High | Reflected_XSS_All_Clients | root/register.jsp | Checkmarx |
| 10 | High | Reflected_XSS_All_Clients | root/search.jsp | Checkmarx |
| 38 | High | Reflected_XSS_All_Clients | root/basket.jsp | Checkmarx |
| 48 | High | Client_DOM_XSS | root/advanced.jsp | Checkmarx |