Closed am0o0 closed 3 months ago
Closing upon request from @am0o0
Your submission is now in status Closed.
For information, the evaluation workflow is the following: Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed
Query PR
https://github.com/github/codeql/pull/14959
Language
Java
CVE(s) ID list
WIP
CWE
No response
Report
I tried to support the whole framework, both the client side and the server side. The scope of SSRF, user-controllable sources, XSS, unsafe LDAP, and sensitive APIs (hard-coded secret) has been extended by this submission. This is the biggest and most used web framework written in Kotlin, and I hope it is a useful extension for all.
Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc).
Blog post link
No response