cxflowtestuser
commented
4 years ago Issue still exists.
SUMMARY
Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
Open cxflowtestuser opened 4 years ago
cxflowtestuser
commented
4 years ago Issue still exists.
Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
cxflowtestuser
commented
4 years ago Issue still exists.
Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
cxflowtestuser
commented
4 years ago Issue still exists.
Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
cxflowtestuser
commented
4 years ago Issue still exists.
Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
cxflowtestuser
commented
4 years ago Issue still exists.
Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
cxflowtestuser
commented
4 years ago Issue still exists.
Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
HTTP_Response_Splitting issue exists @ BookDetail_jsp2.java in branch master
Method getParam at line 167 of BookDetail_jsp2.java gets user input from the paramName element. This element’s value then flows through the code without being properly sanitized or validated, and is eventually used in an HTTP response header in DetailAction at line 431 of BookDetail_jsp2.java. This may enable an HTTP Response Splitting attack, in certain older versions that do not mitigate this attack.
Severity: Medium
CWE:113
Vulnerability details and guidance
Internal Guidance
Checkmarx
Training Recommended Fix
Lines: 168 409
Code (Line #168):
Code (Line #409):