CX CSRF @ src/main/webapp/changeCardDetails.jsp [refs/heads/master]

[github-actions[bot]]

CSRF issue exists @ src/main/webapp/changeCardDetails.jsp in branch refs/heads/master

Method cardno=request.getParameter at line 37 of src\main\webapp\changeCardDetails.jsp gets a parameter from a user request from ""cardno"". This parameter value flows through the code and is eventually used to access application state altering functionality. This may enable Cross-Site Request Forgery (CSRF).

Severity: Medium

CWE:352

Vulnerability details and guidance

Checkmarx

Training Recommended Fix

Lines: 37 38 39

---

Code (Line #37):

        String cardno=request.getParameter("cardno");

---

Code (Line #38):

        String cvv=request.getParameter("cvv");

---

Code (Line #39):

        String expirydate=request.getParameter("expirydate");

---

[github-actions[bot]]

Issue still exists.