Closed satyamchaurasiapersistent closed 2 years ago
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Input_Path_Not_Canonicalized issue exists @ src/main/webapp/vulnerability/sqli/download_id.jsp in branch master
Method fileid=request.getParameter at line 18 of src\main\webapp\vulnerability\sqli\download_id.jsp gets dynamic data from the ""fileid"" element. This element’s value then flows through the code and is eventually used in a file path for local disk access in = at line 37 of src\main\webapp\vulnerability\sqli\download_id.jsp. This may cause a Path Traversal vulnerability.
Severity: Medium
CWE:73
Vulnerability details and guidance
Checkmarx
Training Recommended Fix
Lines: 18
Code (Line #18):