Absolute_Path_Traversal issue exists @ webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/challenges/challenge7/MD5.java in branch develop
Method main at line 48 of webgoat-lessons\challenge\src\main\java\org\owasp\webgoat\challenges\challenge7\MD5.java gets dynamic data from the args element. This element’s value then flows through the code and is eventually used in a file path for local disk access in main at line 48 of webgoat-lessons\challenge\src\main\java\org\owasp\webgoat\challenges\challenge7\MD5.java. This may cause a Path Traversal vulnerability.
Absolute_Path_Traversal issue exists @ webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/challenges/challenge7/MD5.java in branch develop
Method main at line 48 of webgoat-lessons\challenge\src\main\java\org\owasp\webgoat\challenges\challenge7\MD5.java gets dynamic data from the args element. This element’s value then flows through the code and is eventually used in a file path for local disk access in main at line 48 of webgoat-lessons\challenge\src\main\java\org\owasp\webgoat\challenges\challenge7\MD5.java. This may cause a Path Traversal vulnerability.
Severity: Medium
CWE:36
Vulnerability details and guidance
Internal Guidance
Checkmarx
Training Recommended Fix
Lines: 48
Code (Line #48):