satyamchaurasiapersistent / JavaVulnerableLab

lab

CX Trust_Boundary_Violation @ src/main/java/org/cysecurity/cspf/jvl/controller/XPathQuery.java [master] #94

Closed satyamchaurasiapersistent closed 2 years ago

satyamchaurasiapersistent commented 2 years ago

Trust_Boundary_Violation issue exists @ src/main/java/org/cysecurity/cspf/jvl/controller/XPathQuery.java in branch master

Method processRequest at line 36 of src\main\java\org\cysecurity\cspf\jvl\controller\XPathQuery.java gets user input from element "password". This element’s value flows through the code without being properly sanitized or validated and is eventually stored in the server-side Session object, in processRequest at line 63 of src\main\java\org\cysecurity\cspf\jvl\controller\XPathQuery.java. This constitutes a Trust Boundary Violation.

Severity: Medium

CWE:501

Vulnerability details and guidance

Checkmarx

Training Recommended Fix

Lines: 35 36


Code (Line #35):

            String user=request.getParameter("username");

Code (Line #36):

            String pass=request.getParameter("password");

satyamchaurasiapersistent commented 2 years ago

Issue still exists.

satyamchaurasiapersistent commented 2 years ago

Issue still exists.

satyamchaurasiapersistent commented 2 years ago

Issue still exists.