tsunez / dvna

Damn Vulnerable NodeJS Application
MIT License

CX Potentially_Vulnerable_To_Xsrf @ server.js [master] #18

Open tsunez opened 3 years ago

tsunez commented 3 years ago

Potentially_Vulnerable_To_Xsrf issue exists @ server.js in branch master

Method express at line 12 of server.js gets a parameter from a user request from app. This parameter value flows through the code and is eventually used to access application state altering functionality. This may enable Cross-Site Request Forgery (XSRF).

Severity: Low

CWE:352

Vulnerability details and guidance

Checkmarx

Recommended Fix

Lines: 12


Code (Line #12):

var app = express()

tsunez commented 3 years ago

Issue still exists.

SUMMARY

Issue has 1 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
