Closed wasptree closed 2 years ago
Scan Summary:
PIPELINE_SCAN_VERSION: 22.9.0-0
DEV-STAGE: DEVELOPMENT
SCAN_ID: 4a1f2a74-f454-4359-abeb-22740e6fce5e
SCAN_STATUS: SUCCESS
SCAN_MESSAGE: Scan successful. Results size: 346353 bytes
====================
Analysis Successful.
====================
===================
Analyzed 2 modules.
===================
verademo.war
JS files within verademo.war
====================
Analyzed 159 issues.
====================details
-------------------------------------
Found 2 issues of Very High severity.
-------------------------------------
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): com/veracode/verademo/controller/ToolsController.java:94
CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'): WEB-INF/views/login.jsp:33
----------------------------------
Found 2 issues of Medium severity.
----------------------------------
CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS): com/veracode/verademo/controller/UserController.java:263
CWE-117: Improper Output Neutralization for Logs: com/veracode/verademo/controller/BlabController.java:559
**
Total flaws found: 159, New flaws found: 4 as compared to baseline
**
========================
FAILURE: Found 4 issues!
========================
Scan Summary:
PIPELINE_SCAN_VERSION: 22.9.0-0
DEV-STAGE: DEVELOPMENT
SCAN_ID: 6323b8cf-7c85-4b23-b01c-65d14e5ec33a
SCAN_STATUS: SUCCESS
SCAN_MESSAGE: Scan successful. Results size: 346353 bytes
====================
Analysis Successful.
====================
===================
Analyzed 2 modules.
===================
verademo.war
JS files within verademo.war
====================
Analyzed 159 issues.
====================details
-------------------------------------
Found 2 issues of Very High severity.
-------------------------------------
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): com/veracode/verademo/controller/ToolsController.java:94
CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'): WEB-INF/views/login.jsp:33
----------------------------------
Found 2 issues of Medium severity.
----------------------------------
CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS): com/veracode/verademo/controller/UserController.java:263
CWE-117: Improper Output Neutralization for Logs: com/veracode/verademo/controller/BlabController.java:559
**
Total flaws found: 159, New flaws found: 4 as compared to baseline
**
========================
FAILURE: Found 4 issues!
========================
please merge.