Portability_Flaw_Locale_Dependent_Comparison issue exists @ webgoat-lessons/crypto/src/main/java/org/owasp/webgoat/crypto/HashingAssignment.java in branch develop
The application handles input strings in a locale-unspecific manner. In particular, webgoat-lessons\crypto\src\main\java\org\owasp\webgoat\crypto\HashingAssignment.java's getHash calls toUpperCase at line 102 to manipulate the string. The resulting string is compared with equals by checkAssignment4, at webgoat-integration-tests\src\test\java\org\owasp\webgoat\CryptoTest.java:76.
Portability_Flaw_Locale_Dependent_Comparison issue exists @ webgoat-lessons/crypto/src/main/java/org/owasp/webgoat/crypto/HashingAssignment.java in branch develop
The application handles input strings in a locale-unspecific manner. In particular, webgoat-lessons\crypto\src\main\java\org\owasp\webgoat\crypto\HashingAssignment.java's getHash calls toUpperCase at line 102 to manipulate the string. The resulting string is compared with equals by checkAssignment4, at webgoat-integration-tests\src\test\java\org\owasp\webgoat\CryptoTest.java:76.
Severity: Low
CWE:474
Vulnerability details and guidance
Checkmarx
Training Recommended Fix
Lines: 107
Code (Line #107):