The list below presents the 9 high vulnerability findings that need your attention. To view information on these findings, navigate to the Mend SAST Application.
Code Security Report
Latest Scan: 2022-12-15 09:55pm
Total Findings: 57
Tested Project Files: 407
Detected Programming Languages: 3
Language: TypeScript
Details
Language: JavaScript / Node.js
Details
Findings
routes/profileImageUrlUpload.js:27
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageUrlUpload.js#L22-L27
Trace
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageUrlUpload.js#L15
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageUrlUpload.js#L27

routes/profileImageUrlUpload.js:28
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageUrlUpload.js#L23-L28
Trace
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageUrlUpload.js#L15
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageUrlUpload.js#L27
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageUrlUpload.js#L28

routes/profileImageFileUpload.js:26
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageFileUpload.js#L21-L26
Trace
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageFileUpload.js#L15
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageFileUpload.js#L16
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageFileUpload.js#L17
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageFileUpload.js#L26

NoSQL Injection (CWE-943): 6
#### Findings

routes/likeProductReviews.js:35
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/likeProductReviews.js#L30-L35
Trace
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/likeProductReviews.js#L13
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/likeProductReviews.js#L35

routes/profileImageFileUpload.js:34
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageFileUpload.js#L29-L34
Trace
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageFileUpload.js#L15
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageFileUpload.js#L16
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageFileUpload.js#L17
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/profileImageFileUpload.js#L34

routes/order.js:31
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/order.js#L26-L31
Trace
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/order.js#L19
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/order.js#L31

routes/likeProductReviews.js:18
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/likeProductReviews.js#L13-L18
Trace
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/likeProductReviews.js#L13
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/likeProductReviews.js#L18

routes/orderHistory.js:34
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/orderHistory.js#L29-L34

routes/updateProductReviews.js:14
https://github.com/hugh-mend/juice-shop/blob/feffcb8558d0872e55df40e54896d08023acb975/routes/updateProductReviews.js#L9-L14

Language: Python
Details