Deserialization_of_Untrusted_Data issue exists @ webgoat-lessons/vulnerable-components/src/main/java/org/owasp/webgoat/vulnerable_components/VulnerableComponentsLesson.java in branch develop
The serialized object payload processed in completed in the file webgoat-lessons\vulnerable-components\src\main\java\org\owasp\webgoat\vulnerable_components\VulnerableComponentsLesson.java at line 41 is deserialized by fromXML in the file webgoat-lessons\vulnerable-components\src\main\java\org\owasp\webgoat\vulnerable_components\VulnerableComponentsLesson.java at line 41.
mgonzalezcx
commented
2 years ago
Deserialization_of_Untrusted_Data issue exists @ webgoat-lessons/vulnerable-components/src/main/java/org/owasp/webgoat/vulnerable_components/VulnerableComponentsLesson.java in branch develop
The serialized object payload processed in completed in the file webgoat-lessons\vulnerable-components\src\main\java\org\owasp\webgoat\vulnerable_components\VulnerableComponentsLesson.java at line 41 is deserialized by fromXML in the file webgoat-lessons\vulnerable-components\src\main\java\org\owasp\webgoat\vulnerable_components\VulnerableComponentsLesson.java at line 41.
Severity: High
CWE:502
Vulnerability details and guidance
Internal Guidance
Checkmarx
Training Recommended Fix
Lines: 41
Code (Line #41):