tamirdahan / NodeJSWebApp

0 stars 0 forks source link

Code Security Report: 1 total findings #6

Open mend-for-github-com[bot] opened 2 months ago

mend-for-github-com[bot] commented 2 months ago

Code Security Report

Scan Metadata

Latest Scan: 2024-09-09 06:46am Total Findings: 1 | New Findings: 0 | Resolved Findings: 0 Tested Project Files: 1 Detected Programming Languages: 1 (JavaScript / TypeScript*)

[ ] Check this box to manually trigger a scan

Finding Details

Severity	Vulnerability Type	CWE	File	Data Flows	Date
Low	Log Forging	[CWE-117](https://cwe.mitre.org/data/definitions/117.html)	[index.js:22](https://github.com/tamirdahan/NodeJSWebApp/blob/d26ad4033a836ac21d0e2115637f1d85f005e0b7/index.js#L22)	1	2024-08-18 03:32pm
Vulnerable Code https://github.com/tamirdahan/NodeJSWebApp/blob/d26ad4033a836ac21d0e2115637f1d85f005e0b7/index.js#L17-L22 1 Data Flow/s detected https://github.com/tamirdahan/NodeJSWebApp/blob/d26ad4033a836ac21d0e2115637f1d85f005e0b7/index.js#L21 Secure Code Warrior Training Material ● Training ▪ [Secure Code Warrior Log Forging Training](https://portal.securecodewarrior.com/?utm_source=partner-integration:mend&partner_id=mend#/contextual-microlearning/web/injection/log/nodejs/express) ● Videos ▪ [Secure Code Warrior Log Forging Video](https://media.securecodewarrior.com/v2/module_153_log_forging.mp4) ● Further Reading ▪ [OWASP Log Forging](https://owasp.org/www-community/attacks/Log_Injection)