CX Side_Channel_Data_Leakage @ src/main/webapp/login.jsp [master]

santhoshr06 commented 3 years ago

Side_Channel_Data_Leakage issue exists @ src/main/webapp/login.jsp in branch master

Method c.getValue at line 15 of src\main\webapp\login.jsp gets private data from element password . This element’s value flows through the code and is sent or written outside of the device or to external media or to a log file in value="<%=password%>"/></td></tr> at line 23 of src\main\webapp\login.jsp. This constitutes Side Channel Data Leakage.

Severity: High

CWE:359

Vulnerability details and guidance

Internal Guidance

Checkmarx

Training Recommended Fix

Lines: 15

Code (Line #15):

            password= c.getValue();

santhoshr06 commented 3 years ago

Issue still exists.

santhoshr06 commented 3 years ago

Issue still exists.

santhoshr06 / CxFlowDemo

CX Side_Channel_Data_Leakage @ src/main/webapp/login.jsp [master] #80