CX Open_Redirect @ src/main/java/org/cysecurity/cspf/jvl/controller/LoginValidator.java [master]

[satyamchaurasiapersistent]

Open_Redirect issue exists @ src/main/java/org/cysecurity/cspf/jvl/controller/LoginValidator.java in branch master

The potentially tainted value provided by ""password"" in src\main\java\org\cysecurity\cspf\jvl\controller\LoginValidator.java at line 44 is used as a destination URL by sendRedirect in src\main\java\org\cysecurity\cspf\jvl\controller\LoginValidator.java at line 68, potentially allowing attackers to perform an open redirection.

Severity: Low

CWE:601

Vulnerability details and guidance

Checkmarx

Training Recommended Fix

Lines: 43 44

---

Code (Line #43):

       String user=request.getParameter("username").trim();

---

Code (Line #44):

          String pass=request.getParameter("password").trim();

---

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.

[satyamchaurasiapersistent]

Issue still exists.