mariana-bteixeira / python-mini-projects

A collection of simple python mini projects to enhance your python skills
https://python-world.github.io/python-mini-projects/#/
MIT License

CX Trust_Boundary_Violation_in_Session_Variables @ projects/Todo_app/app.py [master] #8

Open mariana-bteixeira opened 7 months ago

mariana-bteixeira commented 7 months ago

Trust_Boundary_Violation_in_Session_Variables issue exists @ projects/Todo_app/app.py in branch master

Method index at line 24 of projects\Todo_app\app.py gets user input from element form. This element’s value flows through the code without being properly sanitized or validated and is eventually stored in the server-side Session object, in index at line 28 of projects\Todo_app\app.py. This constitutes a Trust Boundary Violation.

Similarity ID: -1779236197

Method index at line 24 of projects\Todo_app\app.py gets user input from element form. This element’s value flows through the code without being properly sanitized or validated and is eventually stored in the server-side Session object, in index at line 27 of projects\Todo_app\app.py. This constitutes a Trust Boundary Violation.

Similarity ID: 383118991

Severity: Low

CWE: 501

Vulnerability details and guidance

Internal Guidance

Checkmarx

Training Recommended Fix

Lines: 24


Code (Line #24):

task_content = request.form["task"]

mariana-bteixeira commented 7 months ago

Issue still exists.