Open github-actions[bot] opened 1 month ago
Client_Hardcoded_Domain issue exists @ template/index.html in branch master
*The JavaScript file imported in "https://maps.googleapis.com/maps/api/js?key=AIzaSyCjCGmQ0Uq4exrzdcL6rvxywDDOvfAu6eE" in template\index.html at line 1167 is from a remote domain, which may allow attackers to replace its contents with malicious code.Similarity ID: 907198868
The JavaScript file imported in "https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js" in template\index.html at line 1156 is from a remote domain, which may allow attackers to replace its contents with malicious code.Similarity ID: -331575618*
Severity: Low
CWE:829
Vulnerability details and guidance
Internal Guidance
Checkmarx
Training Recommended Fix
Lines: 1156 1167
Code (Line #1156):
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js" integrity="sha384-b/U6ypiBEHpOf/4+1nzFpr53nxSS+GLCkfwBdFNTxtclqqenISfwAzpKaMNFNmj4"
Code (Line #1167):
<script src="https://maps.googleapis.com/maps/api/js?key=AIzaSyCjCGmQ0Uq4exrzdcL6rvxywDDOvfAu6eE"></script>
Issue still exists.
Client_Hardcoded_Domain issue exists @ template/index.html in branch master
*The JavaScript file imported in "https://maps.googleapis.com/maps/api/js?key=AIzaSyCjCGmQ0Uq4exrzdcL6rvxywDDOvfAu6eE" in template\index.html at line 1167 is from a remote domain, which may allow attackers to replace its contents with malicious code.Similarity ID: 907198868
The JavaScript file imported in "https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js" in template\index.html at line 1156 is from a remote domain, which may allow attackers to replace its contents with malicious code.Similarity ID: -331575618*
Severity: Low
CWE:829
Vulnerability details and guidance
Internal Guidance
Checkmarx
Training Recommended Fix
Lines: 1156 1167
Code (Line #1156):
Code (Line #1167):