santhoshr06 / CxFlowDemo

GNU General Public License v2.0

Update XPathQuery.java #75

Closed santhoshr06 closed 3 years ago

santhoshr06 commented 3 years ago

Scan submitted to Checkmarx

santhoshr06 commented 3 years ago

Checkmarx SAST - Scan Summary & Details

Cx-SAST Summary

Total of 8329 vulnerabilities
High: 389
Medium: 178
Low: 454
Info: 7308

Violation Summary

High: 74
View more details on Checkmarx UI

Cx-SAST Details

| Lines | Severity | Category | File | Link |
|---|---|---|---|---|
| 35 36 | High | XPath_Injection | src/main/java/org/cysecurity/cspf/jvl/controller/XPathQuery.java | Checkmarx |
| 42 | High | Stored_XSS | src/main/webapp/ForgotPassword.jsp | Checkmarx |
| 19 | High | Stored_XSS | src/main/webapp/admin/manageusers.jsp | Checkmarx |
| 21 29 | High | Stored_XSS | src/main/webapp/myprofile.jsp | Checkmarx |
| 43 | High | Stored_XSS | src/main/webapp/vulnerability/sqli/download_id.jsp | Checkmarx |
| 12 | High | Stored_XSS | src/main/webapp/vulnerability/forumUsersList.jsp | Checkmarx |
| 14 | High | Stored_XSS | src/main/webapp/vulnerability/forumposts.jsp | Checkmarx |
| 12 | High | Stored_XSS | src/main/webapp/vulnerability/Injection/orm.jsp | Checkmarx |
| 19 | High | Stored_XSS | src/main/webapp/admin/adminlogin.jsp | Checkmarx |
| 14 | High | Stored_XSS | src/main/webapp/vulnerability/Messages.jsp | Checkmarx |
| 52 | High | Stored_XSS | src/main/java/org/cysecurity/cspf/jvl/controller/LoginValidator.java | Checkmarx |
| 16 | High | Stored_XSS | src/main/webapp/vulnerability/DisplayMessage.jsp | Checkmarx |
| 43 | High | Stored_XSS | src/main/webapp/vulnerability/sqli/download_id_union.jsp | Checkmarx |
| 13 | High | Stored_XSS | src/main/webapp/vulnerability/UserDetails.jsp | Checkmarx |
| 19 | High | Stored_XSS | src/main/webapp/vulnerability/securitymisconfig/pages.jsp | Checkmarx |
| 60 | High | Stored_XSS | src/main/webapp/vulnerability/forum.jsp | Checkmarx |
| 24 | High | Stored_XSS | src/main/webapp/vulnerability/idor/download.jsp | Checkmarx |
| 36 | High | Side_Channel_Data_Leakage | src/main/java/org/cysecurity/cspf/jvl/controller/XPathQuery.java | Checkmarx |
| 15 | High | Side_Channel_Data_Leakage | src/main/webapp/login.jsp | Checkmarx |
| 42 | High | Side_Channel_Data_Leakage | src/main/webapp/ForgotPassword.jsp | Checkmarx |
| 44 | High | Side_Channel_Data_Leakage | src/main/java/org/cysecurity/cspf/jvl/controller/LoginValidator.java | Checkmarx |
| 19 | High | Second_Order_SQL_Injection | src/main/webapp/admin/adminlogin.jsp | Checkmarx |
| 52 | High | Second_Order_SQL_Injection | src/main/java/org/cysecurity/cspf/jvl/controller/LoginValidator.java | Checkmarx |
| 9 | High | SQL_Injection | src/main/webapp/vulnerability/forumposts.jsp | Checkmarx |
| 43 44 | High | SQL_Injection | src/main/java/org/cysecurity/cspf/jvl/controller/LoginValidator.java | Checkmarx |
| 27 28 | High | SQL_Injection | src/main/webapp/vulnerability/idor/change-email.jsp | Checkmarx |
| 16 | High | SQL_Injection | src/main/webapp/vulnerability/DisplayMessage.jsp | Checkmarx |
| 37 38 39 | High | SQL_Injection | src/main/webapp/changeCardDetails.jsp | Checkmarx |
| 42 | High | SQL_Injection | src/main/java/org/cysecurity/cspf/jvl/controller/EmailCheck.java | Checkmarx |
| 11 | High | SQL_Injection | src/main/webapp/admin/adminlogin.jsp | Checkmarx |
| 13 | High | SQL_Injection | src/main/webapp/admin/manageusers.jsp | Checkmarx |
| 41 42 43 | High | SQL_Injection | src/main/webapp/vulnerability/forum.jsp | Checkmarx |
| 8 | High | SQL_Injection | src/main/webapp/vulnerability/UserDetails.jsp | Checkmarx |
| 50 | High | SQL_Injection | src/main/webapp/vulnerability/Injection/orm.jsp | Checkmarx |
| 35 36 | High | SQL_Injection | src/main/java/org/cysecurity/cspf/jvl/controller/XPathQuery.java | Checkmarx |
| 33 | High | SQL_Injection | src/main/webapp/vulnerability/csrf/changepassword.jsp | Checkmarx |
| 42 | High | SQL_Injection | src/main/webapp/ForgotPassword.jsp | Checkmarx |
| 18 | High | SQL_Injection | src/main/webapp/vulnerability/sqli/download_id_union.jsp | Checkmarx |
| 26 | High | SQL_Injection | src/main/webapp/vulnerability/csrf/change-info.jsp | Checkmarx |
| 16 | High | SQL_Injection | src/main/webapp/myprofile.jsp | Checkmarx |
| 43 44 45 46 47 | High | SQL_Injection | src/main/java/org/cysecurity/cspf/jvl/controller/Register.java | Checkmarx |
| 42 | High | SQL_Injection | src/main/java/org/cysecurity/cspf/jvl/controller/UsernameCheck.java | Checkmarx |
| 18 | High | SQL_Injection | src/main/webapp/vulnerability/sqli/download_id.jsp | Checkmarx |
| 58 60 | High | SQL_Injection | src/main/java/org/cysecurity/cspf/jvl/controller/Install.java | Checkmarx |
| 9 | High | Reflected_XSS_All_Clients | src/main/webapp/vulnerability/Injection/xpath_login.jsp | Checkmarx |
| 2 | High | Reflected_XSS_All_Clients | src/main/webapp/vulnerability/xss/xss4.jsp | Checkmarx |
| 8 | High | Reflected_XSS_All_Clients | src/main/webapp/vulnerability/UserDetails.jsp | Checkmarx |
| 14 | High | Reflected_XSS_All_Clients | src/main/webapp/vulnerability/Injection/xslt.jsp | Checkmarx |
| 39 | High | Reflected_XSS_All_Clients | src/main/java/org/cysecurity/cspf/jvl/controller/AddPage.java | Checkmarx |
| 11 18 | High | Reflected_XSS_All_Clients | src/main/webapp/vulnerability/SendMessage.jsp | Checkmarx |
| 7 26 | High | Reflected_XSS_All_Clients | src/main/webapp/login.jsp | Checkmarx |
| 58 | High | Reflected_XSS_All_Clients | src/main/webapp/admin/adminlogin.jsp | Checkmarx |
| 44 | High | Reflected_XSS_All_Clients | src/main/java/org/cysecurity/cspf/jvl/controller/xxe.java | Checkmarx |
| 16 | High | Reflected_XSS_All_Clients | src/main/webapp/vulnerability/xss/search.jsp | Checkmarx |
| 54 56 57 58 | High | Connection_String_Injection | src/main/java/org/cysecurity/cspf/jvl/controller/Install.java | Checkmarx |