CX CSRF @ src/main/webapp/vulnerability/idor/change-email.jsp [refs/heads/master]

[github-actions[bot]]

CSRF issue exists @ src/main/webapp/vulnerability/idor/change-email.jsp in branch refs/heads/master

Method email=request.getParameter at line 27 of src\main\webapp\vulnerability\idor\change-email.jsp gets a parameter from a user request from ""email"". This parameter value flows through the code and is eventually used to access application state altering functionality. This may enable Cross-Site Request Forgery (CSRF).

Severity: Medium

CWE:352

Vulnerability details and guidance

Checkmarx

Training Recommended Fix

Lines: 27 28

---

Code (Line #27):

   String email=request.getParameter("email");

---

Code (Line #28):

   String id=request.getParameter("id");

---

[github-actions[bot]]

Issue still exists.