mend-demo / easybuggy

Apache License 2.0

Code Security Report: 48 high severity findings, 102 total findings #22

Open mend-for-github-com[bot] opened 2 years ago

mend-for-github-com[bot] commented 2 years ago

Code Security Report

Latest Scan: 2022-10-06 03:25am

Total Findings: 102

Tested Project Files: 102

Detected Programming Languages: 1

Language: Java

| Severity | CWE | Vulnerability Type | Count |
|---|---|---|---|
| High | CWE-89 | SQL Injection | 3 |
| High | CWE-94 | Code Injection | 1 |
| High | CWE-22 | Path/Directory Traversal | 9 |
| High | CWE-73 | File Manipulation | 8 |
| High | CWE-79 | Cross-Site Scripting | 26 |
| High | CWE-918 | Server Side Request Forgery | 1 |
| Medium | CWE-338 | Weak Pseudo-Random | 2 |
| Medium | CWE-244 | Heap Inspection | 5 |
| Medium | CWE-501 | Trust Boundary Violation | 5 |
| Medium | CWE-209 | Error Messages Information Exposure | 15 |
| Low | CWE-601 | Unvalidated/Open Redirect | 17 |
| Low | CWE-117 | Log Forging | 4 |
| Low | CWE-113 | HTTP Header Injection | 1 |
| Low | CWE-20 | Session Poisoning | 5 |

Details

The below list presents the 20 most relevant findings that need your attention. To view information on the remaining findings, navigate to the Mend SAST Application.

SQL Injection (CWE-89) : 3

Findings

vulnerabilities/SQLInjectionServlet.java:69 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L64-L69
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L28 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L45 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L60 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L69
vulnerabilities/SQLInjectionServlet.java:69 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L64-L69
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L28 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L45 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L60 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L69
vulnerabilities/SQLInjectionServlet.java:69 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L64-L69
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L28 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L39 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L45 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L60 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java#L69

Code Injection (CWE-94) : 1

Findings

vulnerabilities/CodeInjectionServlet.java:65 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/CodeInjectionServlet.java#L60-L65
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/CodeInjectionServlet.java#L25 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/CodeInjectionServlet.java#L44 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/CodeInjectionServlet.java#L45 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/CodeInjectionServlet.java#L46 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/CodeInjectionServlet.java#L47 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/CodeInjectionServlet.java#L61 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/CodeInjectionServlet.java#L65

Path/Directory Traversal (CWE-22) : 9

Findings

vulnerabilities/UnrestrictedSizeUploadServlet.java:84 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L79-L84
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L70 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L57 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L59 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L71 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L84
vulnerabilities/NullByteInjectionServlet.java:46 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/NullByteInjectionServlet.java#L41-L46
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/NullByteInjectionServlet.java#L35 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/NullByteInjectionServlet.java#L40 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/NullByteInjectionServlet.java#L46
vulnerabilities/MailHeaderInjectionServlet.java:133 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/MailHeaderInjectionServlet.java#L128-L133
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/MailHeaderInjectionServlet.java#L125 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L57 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L59 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/MailHeaderInjectionServlet.java#L127 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/MailHeaderInjectionServlet.java#L133
vulnerabilities/UnrestrictedExtensionUploadServlet.java:84 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L79-L84
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L69 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L57 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L59 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L76 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L84
vulnerabilities/UnrestrictedSizeUploadServlet.java:127 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L122-L127
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L70 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L57 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L59 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L71 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L84 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L111 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L127
vulnerabilities/UnrestrictedSizeUploadServlet.java:114 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L109-L114
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L70 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L57 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L59 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L71 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L84 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L111 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedSizeUploadServlet.java#L114
vulnerabilities/XEEandXXEServlet.java:196 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/XEEandXXEServlet.java#L191-L196
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/XEEandXXEServlet.java#L141 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L57 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L59 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/XEEandXXEServlet.java#L148 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/XEEandXXEServlet.java#L161 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/XEEandXXEServlet.java#L192 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/XEEandXXEServlet.java#L196
vulnerabilities/UnrestrictedExtensionUploadServlet.java:135 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L130-L135
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L69 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L57 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L59 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L76 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L84 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L106 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L135
vulnerabilities/UnrestrictedExtensionUploadServlet.java:110 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L105-L110
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L69 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L57 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L59 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L76 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L84 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L106 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L110

File Manipulation (CWE-73) : 7

Findings

utils/MultiPartFileUtils.java:38 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L33-L38
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L37 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L38
utils/MultiPartFileUtils.java:38 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L33-L38
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L37 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L38
utils/MultiPartFileUtils.java:38 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L33-L38
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L37 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L38
utils/MultiPartFileUtils.java:38 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L33-L38
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L37 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L38
vulnerabilities/MailHeaderInjectionServlet.java:142 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/MailHeaderInjectionServlet.java#L137-L142
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/MailHeaderInjectionServlet.java#L141 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/MailHeaderInjectionServlet.java#L142
utils/MultiPartFileUtils.java:33 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L28-L33
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/XEEandXXEServlet.java#L141 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L57 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L59 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/XEEandXXEServlet.java#L148 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/XEEandXXEServlet.java#L157 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L28 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L33
utils/MultiPartFileUtils.java:33 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L28-L33
Trace https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L69 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L57 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L59 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L76 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/vulnerabilities/UnrestrictedExtensionUploadServlet.java#L81 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L28 https://github.com/mend-demo/easybuggy/blob/00ce374dd1151f07493a4a75fcef2a458f004181/src/main/java/org/t246osslab/easybuggy/core/utils/MultiPartFileUtils.java#L33