mgonzalezcx / WebGoat

WebGoat is a deliberately insecure application
https://webgoat.github.io/WebGoat/

CX Spring_Missing_Function_Level_Authorization @ webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/challenges/challenge5/Assignment5.java [develop] #17

Open mgonzalezcx opened 2 years ago

mgonzalezcx commented 2 years ago

Spring_Missing_Function_Level_Authorization issue exists @ webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/challenges/challenge5/Assignment5.java in branch develop

Line 52 flags a method or annotation that could be a potential unauthorized access to an object available in the corresponding controller. This query is looking for possible flaws in Spring-Security configuration, so only projects that use Spring-Security are considered.

Severity: Information

CWE: 862

Vulnerability details and guidance

Checkmarx

Training Recommended Fix

Lines: 50


Code (Line #50):

    @PostMapping("/challenge/5")