jonatcx / CxFlowGitHub


CX Trust_Boundary_Violation_in_Session_Variables @ root/login.jsp [main] #1

Open jonatcx opened 1 year ago

jonatcx commented 1 year ago

Trust_Boundary_Violation_in_Session_Variables issue exists @ root/login.jsp in branch main

Method = at line 7 of root\login.jsp gets user input from element "username". This element’s value flows through the code without being properly sanitized or validated and is eventually stored in the server-side Session object, in session.setAttribute at line 22 of root\login.jsp. This constitutes a Trust Boundary Violation.

Severity: Low

CWE:501

Checkmarx


Lines: 7 8


Code (Line #7):

String username = (String) request.getParameter("username");

Code (Line #8):

String password = (String) request.getParameter("password");

jonatcx commented 1 year ago

Issue still exists.