CX XSRF @ src/main/webapp/vulnerability/forum.jsp [master]

[satyamchaurasiapersistent]

XSRF issue exists @ src/main/webapp/vulnerability/forum.jsp in branch master

Method content=request.getParameter at line 42 of src\main\webapp\vulnerability\forum.jsp gets a parameter from a user request from ""content"". This parameter value flows through the code and is eventually used to access application state altering functionality. This may enable Cross-Site Request Forgery (CSRF).

Severity: Medium

CWE:352

Vulnerability details and guidance

Checkmarx

Training Recommended Fix

Lines: 41 42 43

---

Code (Line #41):

                                    String user=request.getParameter("user");

---

Code (Line #42):

                                    String content=request.getParameter("content");

---

Code (Line #43):

                                    String title=request.getParameter("title");

---

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.