uclibs / ucrate

Scholar@UC: University of Cincinnati's self-submission institutional repository
https://scholar.uc.edu

Install Brakeman gem #933

Closed scherztc closed 3 years ago

scherztc commented 3 years ago

Descriptive summary

Include a concise description of the issue and any relevant tracebacks if you're reporting a bug.

Expected behavior

Actual behavior

Steps to reproduce the behavior

  1. Do this
  2. Then do this...

Related work

Link to related issues or prior related work here.

bsp3ars commented 3 years ago

Results of running the brakeman command:

== Warning Types ==

Command Injection: 1
Cross-Site Request Forgery: 1
Mass Assignment: 1
SQL Injection: 3

== Warnings ==

Confidence: Medium
Category: Command Injection
Check: Execute
Message: Possible command injection
Code: curl "https://www.google.com/recaptcha/api/siteverify?secret=#{key}&response=#{response}"
File: app/controllers/hyrax/contact_form_controller.rb
Line: 39

Confidence: Medium
Category: Cross-Site Request Forgery
Check: CSRFTokenForgeryCVE
Message: Rails 5.1.7 has a vulnerability that may allow CSRF token forgery. Upgrade to Rails 5.2.4.3 or patch
File: Gemfile.lock
Line: 804

Confidence: Medium
Category: Mass Assignment
Check: MassAssignment
Message: Specify exact keys allowed for mass assignment instead of using permit! which allows any keys
Code: params[:title].permit!
File: app/controllers/hyrax/batch_uploads_controller.rb
Line: 16

Confidence: Weak
Category: SQL Injection
Check: SQL
Message: Possible SQL injection
Code: ::User.where(*base_query).where("#{Devise.authentication_keys.first} like lower(?)\n OR display_name like lower(?)\n OR first_name like lower(?)\n OR last_name like lower(?)", (nil or (("%" + query.downcase.strip) + "%")), (nil or (("%" + query.downcase.strip) + "%")), (nil or (("%" + query.downcase.strip) + "%")), (nil or (("%" + query.downcase.strip) + "%")))
File: app/controllers/display_users_controller.rb
Line: 14

Confidence: Weak
Category: SQL Injection
Check: SQL
Message: Possible SQL injection
Code: ::User.where(*base_query).where("#{Devise.authentication_keys.first} like lower(?)\n OR display_name like lower(?)\n OR first_name like lower(?)\n OR last_name like lower(?)", (nil or (("%" + query.downcase.strip) + "%")), (nil or (("%" + query.downcase.strip) + "%")), (nil or (("%" + query.downcase.strip) + "%")), (nil or (("%" + query.downcase.strip) + "%"))).where("#{Devise.authentication_keys.first} not in (?)", [::User.batch_user_key, ::User.audit_user_key])
File: app/controllers/display_users_controller.rb
Line: 19

Confidence: Weak
Category: SQL Injection
Check: SQL
Message: Possible SQL injection
Code: type_class.where("embargo_release_date_dtsi:[* TO #{RSolr.solr_escape(expiration_date)}]")
File: app/services/expiration_service.rb
Line: 41

scherztc commented 3 years ago

@bsp3ars : Good work. Make separate issues for the Medium issues. Thanks.