vital-ws / SAST-test

Code Security Report: 24 high severity findings, 143 total findings #19

Open mend-for-github-com[bot] opened 2 years ago

mend-for-github-com[bot] commented 2 years ago

Code Security Report

Scan Metadata

Latest Scan: 2023-08-14 07:04am
Total Findings: 143 | New Findings: 0 | Resolved Findings: 0
Tested Project Files: 478
Detected Programming Languages: 2 (Java, JavaScript / Node.js)

Most Relevant Findings

The below list presents the 10 most relevant findings that need your attention. To view information on the remaining findings, navigate to the Mend SAST Application.

| Severity | Vulnerability Type | CWE | File | Data Flows | Date |
| High | SQL Injection | [CWE-89](https://cwe.mitre.org/data/definitions/89.html) | [SqlInjectionLesson9.java:66](https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson9.java#L66) | 4 | 2022-06-15 01:16pm |
More info https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson9.java#L61-L66
4 Data Flow/s detected
View Data Flow 1 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson9.java#L61 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson9.java#L61 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson9.java#L66
View Data Flow 2 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson9.java#L61 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson9.java#L61 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson9.java#L66
View Data Flow 3 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson9.java#L56 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson9.java#L56 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson9.java#L59 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson9.java#L61 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson9.java#L66
[View more Data Flows](https://saas.whitesourcesoftware.com/sast/#/scans/46fb0970-a734-4927-a682-77b3cd5fde49/details?vulnId=5c3ae84d-81d8-4308-8e4b-ab6f8c116bed&filtered=yes)
| High | SQL Injection | [CWE-89](https://cwe.mitre.org/data/definitions/89.html) | [SqlInjectionLesson2.java:62](https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson2.java#L62) | 2 | 2022-06-15 01:16pm |
More info https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson2.java#L57-L62
2 Data Flow/s detected
View Data Flow 1 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson2.java#L62
View Data Flow 2 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson2.java#L56 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson2.java#L56 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson2.java#L59 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson2.java#L62
| High | SQL Injection | [CWE-89](https://cwe.mitre.org/data/definitions/89.html) | [SqlInjectionLesson4.java:63](https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson4.java#L63) | 2 | 2022-06-15 01:16pm |
More info https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson4.java#L58-L63
2 Data Flow/s detected
View Data Flow 1 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson4.java#L63
View Data Flow 2 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson4.java#L57 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson4.java#L57 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson4.java#L60 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson4.java#L63
| High | SQL Injection | [CWE-89](https://cwe.mitre.org/data/definitions/89.html) | [SqlInjectionLesson5a.java:62](https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L62) | 3 | 2022-06-15 01:16pm |
More info https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L57-L62
3 Data Flow/s detected
View Data Flow 1 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L54 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L54 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L57 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L60 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L62
View Data Flow 2 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L54 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L54 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L57 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L60 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L62
View Data Flow 3 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L54 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L54 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L57 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L60 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson5a.java#L62
| High | SQL Injection | [CWE-89](https://cwe.mitre.org/data/definitions/89.html) | [SqlInjectionLesson10.java:63](https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson10.java#L63) | 1 | 2022-06-15 01:16pm |
More info https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson10.java#L58-L63
1 Data Flow/s detected
View Data Flow 1 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson10.java#L53 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson10.java#L53 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson10.java#L56 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson10.java#L58 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson10.java#L63
| High | SQL Injection | [CWE-89](https://cwe.mitre.org/data/definitions/89.html) | [SqlInjectionChallenge.java:65](https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionChallenge.java#L65) | 1 | 2022-06-15 01:16pm |
More info https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionChallenge.java#L60-L65
1 Data Flow/s detected
View Data Flow 1 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionChallenge.java#L63 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionChallenge.java#L63 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionChallenge.java#L65
| High | SQL Injection | [CWE-89](https://cwe.mitre.org/data/definitions/89.html) | [SqlInjectionLesson6a.java:65](https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionLesson6a.java#L65) | 3 | 2022-06-15 01:16pm |
More info https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionLesson6a.java#L60-L65
3 Data Flow/s detected
View Data Flow 1 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionLesson6a.java#L52 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionLesson6a.java#L52 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionLesson6a.java#L56 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionLesson6a.java#L60 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionLesson6a.java#L65
View Data Flow 2 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/mitigation/SqlOnlyInputValidation.java#L52 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/mitigation/SqlOnlyInputValidation.java#L52 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionLesson6a.java#L56 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionLesson6a.java#L60 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionLesson6a.java#L65
View Data Flow 3 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/mitigation/SqlOnlyInputValidationOnKeywords.java#L53 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/mitigation/SqlOnlyInputValidationOnKeywords.java#L53 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionLesson6a.java#L56 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionLesson6a.java#L60 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/advanced/SqlInjectionLesson6a.java#L65
| High | SQL Injection | [CWE-89](https://cwe.mitre.org/data/definitions/89.html) | [Servers.java:71](https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/mitigation/Servers.java#L71) | 1 | 2022-06-15 01:16pm |
More info https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/mitigation/Servers.java#L66-L71
1 Data Flow/s detected
View Data Flow 1 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/mitigation/Servers.java#L71
| High | SQL Injection | [CWE-89](https://cwe.mitre.org/data/definitions/89.html) | [Assignment5.java:60](https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/challenges/challenge5/Assignment5.java#L60) | 2 | 2023-01-10 12:52pm |
More info https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/challenges/challenge5/Assignment5.java#L55-L60
2 Data Flow/s detected
View Data Flow 1 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/challenges/challenge5/Assignment5.java#L60
View Data Flow 2 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/challenges/challenge5/Assignment5.java#L60
| High | SQL Injection | [CWE-89](https://cwe.mitre.org/data/definitions/89.html) | [SqlInjectionLesson3.java:65](https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson3.java#L65) | 2 | 2022-06-15 01:16pm |
More info https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson3.java#L60-L65
2 Data Flow/s detected
View Data Flow 1 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson3.java#L65
View Data Flow 2 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson3.java#L57 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson3.java#L57 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson3.java#L60 https://github.com/vital-ws/SAST-test/blob/d114922753a8d78b419d1465874ad2844449bf19/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/sql_injection/introduction/SqlInjectionLesson3.java#L65

Findings Overview

| Severity | Vulnerability Type | CWE | Language | Count |
|---|---|---|---|---|
| High | Deserialization of Untrusted Data | CWE-502 | Java | 2 |
| High | DOM Based Cross-Site Scripting | CWE-79 | JavaScript / Node.js | 1 |
| High | Cross-Site Scripting | CWE-79 | Java | 3 |
| High | Path/Directory Traversal | CWE-22 | Java | 6 |
| High | Server Side Request Forgery | CWE-918 | Java | 1 |
| High | SQL Injection | CWE-89 | Java | 12 |
| Medium | Error Messages Information Exposure | CWE-209 | Java | 56 |
| Medium | Hardcoded Password/Credentials | CWE-798 | Java | 10 |
| Medium | Console Output | CWE-209 | Java | 5 |
| Medium | Miscellaneous Dangerous Functions | CWE-676 | Java | 2 |
| Medium | XML External Entity (XXE) Injection | CWE-611 | Java | 1 |
| Medium | Weak Pseudo-Random | CWE-338 | Java | 8 |
| Medium | Weak Pseudo-Random | CWE-338 | JavaScript / Node.js | 2 |
| Medium | Heap Inspection | CWE-244 | Java | 33 |
| Low | Weak Hash Strength | CWE-916 | Java | 1 |